Hi, So the code looks like: if (0 == strcmp("sslv23", protocol)) { verb ("V: using SSLv23_client_method()"); ctx = SSL_CTX_new(SSLv23_client_method()); } else if (0 == strcmp("sslv3", protocol)) { verb ("V: using SSLv3_client_method()"); ctx = SSL_CTX_new(SSLv3_client_method()); } else if (0 == strcmp("tlsv1", protocol)) { verb ("V: using TLSv1_client_method()"); ctx = SSL_CTX_new(TLSv1_client_method()); } else die("Unsupported protocol `%s'", protocol);
And the documetation says: .IP "\-P | \-\-protocol [sslv23|sslv3|tlsv1]" Set protocol to use when communicating with server (default: 'tlsv1') I suggest you only support the SSLv23_* method. It's the only method supporting multiple protocol versions. If you want to be able to control the version I suggest you use SSL_(CTX_)set_options with something like SSL_OP_NO_SSLv3. Kurt