On Sat, Jan 25, 2014 at 11:34:05AM -0500, Jeffrey Walton wrote:
> > ... for >= TLSv1.2, protocol should be selected as SSLv23_method()?
>
> Yes, but as Viktor pointed out, you also need:
>
> options = SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1 |SSL_OP_NO_SSLv2
plus SSL_OP_NO_SSLv3. So I would define:
> ... for >= TLSv1.2, protocol should be selected as SSLv23_method()?
Yes, but as Viktor pointed out, you also need:
options = SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1 |SSL_OP_NO_SSLv2
Jeff
On Sat, Jan 25, 2014 at 10:40 AM, Devchandra L Meetei wrote:
> Just one more thing, for >= TLSv1.2,
>
> Protoco
Just one more thing, for >= TLSv1.2,
Protocol should be selected as SSLv23_method()?
On Sat, Jan 25, 2014 at 8:33 PM, Devchandra L Meetei wrote:
> Aah, As you asked me correctly, Would prefer the >TLSv1.2,
> Thank you Viktor.
>
>
> On Sat, Jan 25, 2014 at 10:53 AM, Viktor Dukhovni <
> openssl-u
Aah, As you asked me correctly, Would prefer the >TLSv1.2,
Thank you Viktor.
On Sat, Jan 25, 2014 at 10:53 AM, Viktor Dukhovni <
openssl-us...@dukhovni.org> wrote:
> On Sat, Jan 25, 2014 at 10:29:58AM +0530, Devchandra L Meetei wrote:
>
> > What is the best way to support TLS1.2 procotol alone i
On Sat, Jan 25, 2014 at 10:29:58AM +0530, Devchandra L Meetei wrote:
> What is the best way to support TLS1.2 procotol alone in an application
Do you really mean only TLSv1.2, or do you in fact want >= TLSv1.2,
so that when TLSV1.3 comes out the same code will also work with
TLSv1.3?
> currently
Hi All
What is the best way to support TLS1.2 procotol alone in an application
currently it is done by creating protocol
sslProtocolMethod = TLSv1_2_method();
ctx = SSL_CTX_new(sslProtocolMethod)
;
options = SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1 |SSL_OP_NO_SSLv2;
#ifndef OPENSSL_NO_SSL3
