> From: openssl-users <openssl-users-boun...@openssl.org> On Behalf Of Jan Just > Keijser > Sent: Monday, 31 January, 2022 03:51 > To: Srinivas, Saketh (c) <ssrini...@rbbn.com>; openssl-users@openssl.org > Subject: Re: Doubt regarding ssl options
> On 31/01/22 10:27, Srinivas, Saketh (c) wrote: > > what is the difference between SSL_CTX_set_min_proto_version > > and SSL_set_min_proto_version. > The effect of SSL_CTX_set_min_proto_version and SSL_set_min_proto_version is > exactly the same... More generally: The difference between SSL_CTX_something and SSL_something is that the former operates on an SSL_CTX object, and the latter on an SSL object. An SSL object controls an SSL connection (more or less). An SSL_CTX object is used to create one or more SSL objects; it serves as a template for those SSL objects. So if you want to set "something" for multiple SSL objects you will create later, use the SSL_CTX_something function. If you only need to alter the properties of an existing SSL object, use the SSL_something function. This is a fundamental aspect of the OpenSSL API. -- Michael Wojcik
