On Tue, Jul 28, 2015 at 6:36 AM, Aaron Meriwether <[email protected]> wrote:
> On Jul 27, 2015, at 2:52 PM, Praveen Pvs <[email protected]> wrote: > > should we use specific version of TLS library? > > > Yes, you will indeed need a recent enough version to support TLSv1.2. > > If you are using a *nix system, you are probably using OpenSSL or LibreSSL > as your TLS library. If this is the case, the command "openssl version" > should display the exact version. > > In OpenSSL, support for TLSv1.2 was added in version 1.0.1, so any version > prior to that will not be able to provide TLSv1.2 facilities for curl. > > In fact, you should be able to simply upgrade your OpenSSL library without > any other changes to your curl version or configuration, and curl should > then be able to connect to your TLSv1.2-only server. Since you say the > server is already enforcing the TLSv1.2 requirement, all you really need is > for the SSL/TSL library used by curl to support TLSv1.2 - there is no > particular requirement to upgrade and configure curl so as to force TLSv1.2 > from its end. > > -Aaron > >>>When i commented out the following line, then it auto negotiated to TLS 1.2 version. Is the following line setting to use up-to TLS 1.0 only? /* To set preferred TLS/SSL version */ curl_easy_setopt(loccurlHandle, *CURLOPT_SSLVERSION*, *CURL_SSLVERSION_TLSv1*); > > ------------------------------------------------------------------- > List admin: http://cool.haxx.se/list/listinfo/curl-library > Etiquette: http://curl.haxx.se/mail/etiquette.html >
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
