How to disable tls 1.0 and tls 1.1

[Chethan Kumar]

Adding to previous mail,
We tried -DSSL_OP_NO_TLSv1   -DSSL_OP_NO_TLSv1_1  along with disabling SSLv2 and v1 but still client hello is sent using min and max as TLS1.0 and TLS1.2.

Any idea what is wrong in our options and what should be used instead.?

Thanks in advance,
Chethan Kumar

From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Chethan Kumar
Sent: Thursday, April 11, 2019 4:25 PM
To: openssl-users at openssl.org
Subject: How to disable tls 1.0 and tls 1.1

Dear all,

Kindly help me out in knowing how to disable TLS1.0 and TLS1.1 while compiling openssl package.
I am using 1.0.2n openssl version and disabled SSLv1 and v2 using -DSSL_OP_NO_SSLv2, -DOPENSSL_NO_SSL3 and -DOPENSSL_NO_SSL2.

I also have a doubt on difference between -DSSL_OP_NO_SSLv2, -DOPENSSL_NO_SSL3 and -DOPENSSL_NO_SSL2.
Can someone please explain the difference.

Thanks in advance,
Chethan Kumar


The information contained in this e-mail message and in any attachments/annexure/appendices is confidential to the
recipient and may contain privileged information. If you are not the intended recipient, please notify the
sender and delete the message along with any attachments/annexure/appendices. You should not disclose,
copy or otherwise use the information contained in the message or any annexure. Any views expressed in this e-mail
are those of the individual sender except where the sender specifically states them to be the views of
Toshiba Software India Pvt. Ltd. (TSIP),Bangalore.
Although this transmission and any attachments are believed to be free of any virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by Toshiba Software India Pvt. Ltd, for any loss or damage arising in any way from its use.
The information contained in this e-mail message and in any
attachments/annexure/appendices is confidential to the 
recipient and may contain privileged information. 
If you are not the intended recipient, please notify the
sender and delete the message along with any 
attachments/annexure/appendices. You should not disclose,
copy or otherwise use the information contained in the
message or any annexure. Any views expressed in this e-mail 
are those of the individual sender except where the sender 
specifically states them to be the views of 
Toshiba Software India Pvt. Ltd. (TSIP),Bangalore.

Although this transmission and any attachments are believed to be
free of any virus or other defect that might affect any computer 
system into which it is received and opened, it is the responsibility
of the recipient to ensure that it is virus free and no responsibility 
is accepted by Toshiba Embedded Software India Pvt. Ltd, for any loss or
damage arising in any way from its use.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190411/07a0acaa/attachment.html>