Re: Implementing TLSv1.2 protocol
On Fri, Aug 30, 2013 at 09:46:11AM -0400, The Phoenix wrote: > I am newbee to openssl stuff. My application just need to run only on > TLSv1.2 protocol. Which one is the correct way of implementing it: When you say only, do you mean only this specific version, or TLSv1.2 or later (when someday TLSv1.3 is defined and implemented)? > First Way: > > context = SSL_CTX_new(TLSv1_2_method()); This gets you TLSv1.2 only. > Second way: > > context = SSL_CTX_new( SSLv23_method() ); > SSL_CTX_set_options( context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | > SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1); This gets you TLSv1.2 or later. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Implementing TLSv1.2 protocol
Hi, I am newbee to openssl stuff. My application just need to run only on TLSv1.2 protocol. Which one is the correct way of implementing it: First Way: context = SSL_CTX_new(TLSv1_2_method()); Second way: context = SSL_CTX_new( SSLv23_method() ); SSL_CTX_set_options( context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1); Any help would be really appreciated. Thanks, VS
Re: Implementing TLSv1.2 protocol
What are you using to access the OpenSSL libs? You can do some special code changes in OpenVPN to force TLS 1.2 on the control and data channels. You also define it in the access of your application On Fri, Aug 30, 2013 at 8:46 AM, The Phoenix wrote: > Hi, > > I am newbee to openssl stuff. My application just need to run only on > TLSv1.2 protocol. Which one is the correct way of implementing it: > > First Way: > > context = SSL_CTX_new(TLSv1_2_method()); > > Second way: > > context = SSL_CTX_new( SSLv23_method() ); > SSL_CTX_set_options( context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | > SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1); > > Any help would be really appreciated. > > Thanks, > VS > > -- Stacy Devino StacyDevino.com KF5NQI Mobile, Web, Audio, Hardware
