Order of protocols in MinProtocol
Klaus Umbach
klaus+ml.openssl-users at uxix.de
Wed Jul 8 14:58:39 UTC 2020
Hi,
when I set "MinProtocol" to "TLSv1.2" in openssl.cnf, DTLSv1.2 doesn't work for
the client (in my specific case openconnect).
According to https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html,
only one value is possible, so I can't set both. The usage of "Protocol",
where I could use a list, is marked as deprecated.
If I set it to "DTLSv1.2", openconnect works fine, but why is "TLSv1.2" higher
than "DTLSv1.2" and what is the minimal version of TLS now?
How could I set the a System default "MinProtocol" for DTLS and TLS to 1.2?
-
Klaus
More information about the openssl-users
mailing list