[openssl-users] Working around servers requiring SSL 2/3 record layer, and using TLS 1.2?
Jeffrey Walton
noloader at gmail.com
Thu Feb 11 02:28:58 UTC 2016
>> How do we work around a server that seems to require SSLv23_method?
>
> Don't think of this as a work-around. You SHOULD use the version-flexible
> method (renamed from SSLv23_method() to TLS_method() in master).
>
> You should then disable unwanted protocols that are too weak. In master
> use the new min/max version controls and avoid the SSL_OP_NO_<some_version>
> macros. In 1.0.x, use the macros to disable some contiguous set of protocol
> versions starting at SSLv2.
>
Thanks Viktor. It sounds like Master is in good working order. Is
there anything that can be done with OpenSSL 1.0.2?
Jeff
More information about the openssl-users
mailing list