| 1=pod 2 3=head1 NAME 4 5SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions 6 7=head1 SYNOPSIS 8 --- 45 unchanged lines hidden (view full) --- 54A TLS/SSL connection established with these methods will understand the SSLv2, 55SSLv3, and TLSv1 protocol. A client will send out SSLv2 client hello messages 56and will indicate that it also understands SSLv3 and TLSv1. A server will 57understand SSLv2, SSLv3, and TLSv1 client hello messages. This is the best 58choice when compatibility is a concern. 59 60=back 61 |
| 62The list of protocols available can later be limited using the SSL_OP_NO_SSLv2, 63SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1 options of the B<SSL_CTX_set_options()> or 64B<SSL_set_options()> functions. Using these options it is possible to choose 65e.g. SSLv23_server_method() and be able to negotiate with all possible 66clients, but to only allow newer protocols like SSLv3 or TLSv1. 67 68SSL_CTX_new() initializes the list of ciphers, the session cache setting, 69the callbacks, the keys and certificates, and the options to its default --- 25 unchanged lines hidden --- |