Hi All
What is the best way to support TLS1.2 procotol alone in an application
currently it is done by creating protocol
sslProtocolMethod = TLSv1_2_method();
ctx = SSL_CTX_new(sslProtocolMethod)
;
options = SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1 |SSL_OP_NO_SSLv2;
#ifndef OPENSSL_NO_SSL3
options |= SSL_OP_NO_SSLv3;
and used options to
SSL_CTX_set_options(ctx, options);
and this is supoosed to be used by both client and server
Can I change it to
ctx = SSL_CTX_new( SSLv23_method());
and disable all other by settings options
SSL_CTX_set_options( ctx, SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1 |SSL_OP_NO_SSLv2
#ifnded OPENSSL_NO_SSLv3
| SSL_OP_NO_SSLv3
#end
);
If not, Would somebody please explain me why
--
Warm Regards
--Dev
OpenPegasus Developer/Committer
"Any fool can write code that a computer can understand. Good programmers
write code that humans can understand."
--- Martin Fowler
