Explanatory text states:
****
Sets the version of the SSL protocol used to transmit data. The default is
SSLv2/3:!SSLv3:!SSLv2.
The IO::Socket::SSL POD explains:
Sets the version of the SSL protocol used to transmit data.
'SSLv23' and the older definition 'SSLv2/3' (of the same) uses a handshake
compatible with SSL2.0, SSL3.0 and TLS1.x, while 'SSLv2', 'SSLv3', 'TLSv1',
'TLSv1_1' or 'TLSv1_2' restrict handshake and protocol to the specified version.
All values are case-insensitive. Instead of 'TLSv1_1' and 'TLSv1_2' one can
also use 'TLSv11' and 'TLSv12'. Support for 'TLSv1_1' and 'TLSv1_2' requires
recent versions of Net::SSLeay and openssl.
Independent from the handshake format you can limit to set of accepted SSL
versions by adding !version separated by ':'.
The default SSL_version <http://localhost:55555/#SSL_version> is
'SSLv23:!SSLv3:!SSLv2' which means, that the handshake format is compatible to
SSL2.0 and higher, but that the successful handshake is limited to TLS1.0 and
higher, that is no SSL2.0 or SSL3.0 because both of these versions have serious
security issues and should not be used anymore.
****
Should the last sentence start “The default SSL_version is
‘SSLv2/3:!SSLv3:!SSLv2’”? Ie there be a ‘/‘ between the 2 and 3.
James.
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785471&iu=/4140
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
