Hi,
The OpenSSL backend treats the TLS version specified with CURLOPT_SSLVERSION
as the exact version you want to negotiate, not the minimum version. I believe
this is not what people expect (and the documentation wasn't really crystal
clear either on this). It also makes it impossible to ask for, for example 1.1
and 1.2 but not 1.3 with our current options.
I want to change this to make the option explicitly set the lowest acceptable
TLS version: https://github.com/curl/curl/pull/2694
If you think this causes you trouble, now would be a great time to let me
know! =)
(PS, in a separate PR I'm updating the default to allow TLS 1.3 connections
without any special option: https://github.com/curl/curl/pull/2693 )
--
/ daniel.haxx.se
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
