@@ -178,10 +178,17 @@
(default is true)
-require bool
Require a valid certificate from peer during SSL handshake.
If this is set to true, then -request must
also be set to true. (default is false)
+ -securitylevel integer
+ Set security level. Must be 0 to 5. The security level affects
+ cipher suite encryption algorithms, supported ECC curves,
+ supported signature algorithms, DH parameter sizes, certificate
+ key sizes and signature algorithms. The default is 1.
+ Level 3 and higher disable support for session tickets and only
+ accept cipher suites that provide forward secrecy.
-server bool
Handshake as server if true, else handshake as
client. (default is false)
-servername host
Specify server hostname. Only available if the OpenSSL library
@@ -269,11 +276,13 @@
State of the connection: initializing, handshake, established
server name
The name of the connected to server.
protocol version
The protocol version used for the connection:
- SSL2, SSL3, TLS1, TLS1.1, TLS1.2, TLS1.3, or unknown
+ SSL2, SSL3, TLS1, TLS1.1, TLS1.2, TLS1.3, or unknown.
+ securitylevel level
+ The security level used for selection of ciphers, key size, etc.
cipher cipher
The current cipher in use for the connection.
standard_name name
The standard RFC name of cipher.
bits n