> On Feb 10, 2016, at 9:03 PM, Jeffrey Walton <noloa...@gmail.com> wrote:
>
> How do we work around a server that seems to require SSLv23_method?
Don't think of this as a work-around. You SHOULD use the version-flexible
method (renamed from SSLv23_method() to TLS_method() in master).
You should then disable unwanted protocols that are too weak. In master
use the new min/max version controls and avoid the SSL_OP_NO_<some_version>
macros. In 1.0.x, use the macros to disable some contiguous set of protocol
versions starting at SSLv2.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
