On Fri, Aug 30, 2013 at 09:46:11AM -0400, The Phoenix wrote: > I am newbee to openssl stuff. My application just need to run only on > TLSv1.2 protocol. Which one is the correct way of implementing it:
When you say only, do you mean only this specific version, or TLSv1.2 or later (when someday TLSv1.3 is defined and implemented)? > First Way: > > context = SSL_CTX_new(TLSv1_2_method()); This gets you TLSv1.2 only. > Second way: > > context = SSL_CTX_new( SSLv23_method() ); > SSL_CTX_set_options( context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | > SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1); This gets you TLSv1.2 or later. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org