[openssl-users] cipher suites
Viktor Dukhovni
openssl-users at dukhovni.org
Fri Oct 26 22:47:27 UTC 2018
You don't have to call either. Both have sensible defaults.
Especially, with TLS 1.3, there is generally little reason
to choose non-default ciphers.
> On Oct 26, 2018, at 6:12 PM, Skip Carter <skip at taygeta.com> wrote:
>
> If my application will support both TLSv1.2 and TLSv1.3 connections to
> it (depending who is connecting), do I have to call both
> SSL_CTX_set_ciphersuites() and SSL_CTX_set_cipher_list() when setting
> up my context?
If you're doing something unusual, or provide a configurable interface
with optional overrides of the ciphers to the application users, you
can customize either or both lists.
--
Viktor.
More information about the openssl-users
mailing list