[openssl-users] Working around servers requiring SSL 2/3 record layer, and using TLS 1.2?
Jeffrey Walton
noloader at gmail.com
Thu Feb 11 02:03:35 UTC 2016
How do we work around a server that seems to require SSLv23_method?
That is, they accept the SSLv3 record layer and TLS 1.2 protocol, but
they reject record layers and protocols that only specify TLS 1.2?
As far as I know, there are no constants for TLS 1.0 and 1.1, so we
can't extend this in clients:
const SSL_METHOD* method = SSLv23_method();
ctx = SSL_CTX_new(method);
...
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
SSL_OP_NO_COMPRESSION;
SSL_CTX_set_options(ctx, flags);
Thanks in advance.
More information about the openssl-users
mailing list