[openssl-users] Working around servers requiring SSL 2/3 record layer, and using TLS 1.2?

Jeffrey Walton noloader at gmail.com
Thu Feb 11 02:28:58 UTC 2016

>> How do we work around a server that seems to require SSLv23_method?
> Don't think of this as a work-around.  You SHOULD use the version-flexible
> method (renamed from SSLv23_method() to TLS_method() in master).
> You should then disable unwanted protocols that are too weak.  In master
> use the new min/max version controls and avoid the SSL_OP_NO_<some_version>
> macros.  In 1.0.x, use the macros to disable some contiguous set of protocol
> versions starting at SSLv2.
Thanks Viktor. It sounds like Master is in good working order. Is
there anything that can be done with OpenSSL 1.0.2?


More information about the openssl-users mailing list