[openssl-users] Building OpenSSL 1.0.1t without tls1.1 support?

Short, Todd tshort at akamai.com
Thu Aug 25 12:21:15 UTC 2016

1.0.1 is old, and not really supported, except some security fixes.
1.0.x does not provide the ability to compile out TLSv1.0 from 1.1 from 1.2.
The upcoming 1.1.x does.

If you disable tls1, then you’ve also disabled all later versions, so enable tlsv1 at config time and use the SSL options to enable/disable the protocols at run time.

-Todd Short
// tshort at akamai.com<mailto:tshort at akamai.com>
// "One if by land, two if by sea, three if by the Internet."

On Aug 22, 2016, at 3:08 PM, Scott Neugroschl <scott_n at xypro.com<mailto:scott_n at xypro.com>> wrote:

I’ve done a custom build of OpenSSL where I ran Configure with “no-ssl2” and “no-ssl3”.  I’d like to disable TLS1 and 1.1 if possible.  Will the no-tls1 option disable just TLS1 or all TLS1.x protocols?



openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160825/1ffe3f4a/attachment.html>

More information about the openssl-users mailing list