Index: doc/tls.html
==================================================================
--- doc/tls.html
+++ doc/tls.html
@@ -186,13 +186,13 @@
order to validate against. (default is false)
-security_level integer
Specifies the security level (value from 0 to 5). The security level
affects the cipher suite encryption algorithms, supported ECC curves,
supported signature algorithms, DH parameter sizes, certificate key
- sizes and signature algorithms. The default is 1. Level 3 and higher
- disable support for session tickets and only accept cipher suites that
- provide forward secrecy.
+ sizes and signature algorithms. The default is 1 prior to OpenSSL 3.2
+ and 2 thereafter. Level 3 and higher disable support for session
+ tickets and only accept cipher suites that provide forward secrecy.
-server bool
Specifies whether to act as a server and respond with a server
handshake when a client connects and provides a client handshake.
(default is false)
-servername host
@@ -200,17 +200,23 @@
Indication (SNI) extension. Set this to the expected servername in the
server's certificate or one of the subjectAltName alternates.
-session_id string
Specifies the session id to resume session.
-ssl2 bool
- Enable use of SSL v2. (default is false)
+ Enable use of SSL v2. (default is false).
+ Note: Recent versions of OpenSSL don't support SSLv2.
-ssl3 bool
- Enable use of SSL v3. (default is false)
+ Enable use of SSL v3. (default is false).
+ Note: SSL v3 must also be enabled with a compile time option.
-tls1 bool
- Enable use of TLS v1. (default is true)
+ Enable use of TLS v1. (default is true).
+ Note: TLS 1.0 needs SHA1 to operate, which is only available in
+ security level 0 for Open SSL 3.0+.
-tls1.1 bool
- Enable use of TLS v1.1 (default is true)
+ Enable use of TLS v1.1 (default is true).
+ Note: TLS 1.1 needs SHA1 to operate, which is only available in
+ security level 0 for Open SSL 3.0+.
-tls1.2 bool
Enable use of TLS v1.2 (default is true)
-tls1.3 bool
Enable use of TLS v1.3 (default is true)
-validatecommand callback