> The introduced version method "sslBestVer" does not support tls (cause > it means sslv23). Would it be "nice", to support TLS too automatically ?
sslBestVer and sslv23 do support TLS, I use them for all my application. I added sslBestVer in an attempt to break the misconception that it only meant v2 and v3. According to the release notes for changes between 1.0.2 and 1.1.0: "Version negotiation has been rewritten. In particular SSLv23_method(), SSLv23_client_method() and SSLv23_server_method() have been deprecated, and turned into macros which simply call the new preferred function names TLS_method(), TLS_client_method() and TLS_server_method(). All new code should use the new names instead." Note that OpenSSL 1.1.0 has not yet been released, this is a future change, to use TLS_method instead which is documented as: "A TLS/SSL connection established with these methods may understand the SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols." > The destination server accepts only connection with the option "sslTLS_V1" Maybe your SslOptions includes sslOpt_NO_TLSv1 or your cipher suite does not include an old TLSv1 ciphers (very hard to tell). The latest OverbyteIcsHttpsTst sample includes GUI options for all the diferent methods and options, but does need an OpenSSL reset when you change them to ensure the correct settings are used. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
