Order of protocols in MinProtocol

Matt Caswell matt at openssl.org
Wed Jul 8 15:36:55 UTC 2020

On 08/07/2020 16:28, Viktor Dukhovni wrote:
>> How could I set the a System default "MinProtocol" for DTLS and TLS to 1.2?
> AFAIK, that's not presently possible.  You can specify application
> profiles, for applications that specify an application name when
> initializing OpenSSL.  Or use the OPENSSL_CONF environment variable to
> select an alternative configuration file for DTLS applications.

Arguably, that is a bug. You *should* be able to do that - perhaps based
on some sensible mapping between TLS protocol versions based on whether
we have a DTLS or TLS based SSL_METHOD.


More information about the openssl-users mailing list