Hi Thulasi, Thanks for the response.
But my point is little different here. I have a generic HTTP client, that talks to SSL 3.0 as well as TLS 1.x enabled server. And as mentioned earlier, I have disabled SSLv2. Now, when I talk to any server, shouldn't the client be sending SSLv3(SSL 3.0) in the version instead of TLS 1.0 as seen from packet capture? Is it some default behaviour? Is it configurable? Regards, Abhijit > Thulasi Goriparthi > SSLv23_client_method supports all protocols by default and connects using > the highest protocol that server supports(as received from server hello) > > I suggest you try disabling TLS 1.0 along with SSL2 if you want to force > your client to use SSL3 without changing the context's method. > SSL_CTX_set_options(ctx, SSL_OP_ALL| > SSL_OP_NO_SSLv2 | > SSL_OP_NO_TLSv1); > > If the server supports TLS1.1 and TLS 1.2, update the client ctx option to > use SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2 also. On Fri, Sep 12, 2014 at 6:01 PM, abhijit pai <abhijitpa...@gmail.com> wrote: > Hello All, > > I am using openSSL in my custom HTTP client. > Here I use SSLv23_client_method() and disable SSLv2 using > SSL_CTX_set_options(ctx, SSL_OP_ALL| SSL_OP_NO_SSLv2) > > I would expect the handshake method sent out to the server be SSL v3.0 > but to my surprise it is TLS 1.0, which for some reasons the server > does not support. > > This is a generic code, that would talk to even TLS 1.x enabled > servers, so I cannot fix it using SSLv3_client_method(). > > Is there any other API that I am not aware of that could help me achieve > it? > > Thanks in advance! > > > Regards, > Abhijit >
