RE: [stunnel-users] exclusively TLS
This is a discussion on RE: [stunnel-users] exclusively TLS within the Stunnel Users forums, part of the Networking and Network Related category; On Fri, 20 Jan 2006, Moehrke, John (GE Healthcare) wrote: > It is not the list of ciphers that I ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-20-2006
|
|||
|
|||
RE: [stunnel-users] exclusively TLS
On Fri, 20 Jan 2006, Moehrke, John (GE Healthcare) wrote:
> It is not the list of ciphers that I want to choose from. We are indeed > using a select set of ciphers and that seems to be working fine. My > problem is that when stunnel connects to the server it is trying sslv3, > and this causes an error as the server is only supporting TLS. I could > easily be wrong... Ah, that way. options = SSL_options OpenSSL library options The parameter is the OpenSSL option name as described in the SSL_CTX_set_options(3ssl) manual, but without SSL_OP_ prefix. Several options can be used to specify multiple options. For example for compatibility with erroneous Eudora SSL implementation the following option can be used: options = DONT_INSERT_EMPTY_FRAGMENTS Check the SSL_CTX_set_options manpage, it says -amongst other things-: SSL_OP_NO_SSLv2 Do not use the SSLv2 protocol. SSL_OP_NO_SSLv3 Do not use the SSLv3 protocol. SSL_OP_NO_TLSv1 Do not use the TLSv1 protocol. That ought to do the trick I'd say. Let us know if it did :) Jan -- http://www.surfnet.nl/organisatie/jame _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 01:06 PM.
