[openssl-users] Disable/Enable TLS versions for all connections at runtime

Craig_Weeks at trendmicro.com Craig_Weeks at trendmicro.com
Wed Nov 16 22:58:17 UTC 2016


I am an OpenSSL neophyte, so please bear with me if the answer is obvious in the documentation.

Our product is going to provide runtime options to the user to enable and disable TLS 1.0, 1.1 and 1.2 in a discrete manner. For example: today enable 1.0 and 1.2, disable 1.1; tomorrow enable 1.1 and 1.2, disable 1.0.

How do I use the available APIs to toggle the availability of these versions of TLS at runtime (as opposed to some compile time switch that permanently removes support for 1 or more versions)? I want these settings to apply to all new connections after they have been enabled or disabled.

Craig Weeks | Senior Software Engineer, Support Response Team (SRT)

craig_weeks at trendmicro.com<mailto:Richard_Fangman at trendmicro.com>

14231 Tandem Blvd, Austin TX 78728

www.trendmicro.com<http://www.trendmicro.com>


<table class="TM_EMAIL_NOTICE"><tr><td><pre>
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
</pre></td></tr></table>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161116/379ff31e/attachment-0001.html>


More information about the openssl-users mailing list