Index: doc/tls.html ================================================================== --- doc/tls.html +++ doc/tls.html @@ -186,13 +186,13 @@ order to validate against. (default is false)
-security_level integer
Specifies the security level (value from 0 to 5). The security level affects the cipher suite encryption algorithms, supported ECC curves, supported signature algorithms, DH parameter sizes, certificate key - sizes and signature algorithms. The default is 1. Level 3 and higher - disable support for session tickets and only accept cipher suites that - provide forward secrecy.
+ sizes and signature algorithms. The default is 1 prior to OpenSSL 3.2 + and 2 thereafter. Level 3 and higher disable support for session + tickets and only accept cipher suites that provide forward secrecy.
-server bool
Specifies whether to act as a server and respond with a server handshake when a client connects and provides a client handshake. (default is false)
-servername host
@@ -200,17 +200,23 @@ Indication (SNI) extension. Set this to the expected servername in the server's certificate or one of the subjectAltName alternates.
-session_id string
Specifies the session id to resume session.
-ssl2 bool
-
Enable use of SSL v2. (default is false)
+
Enable use of SSL v2. (default is false). + Note: Recent versions of OpenSSL don't support SSLv2.
-ssl3 bool
-
Enable use of SSL v3. (default is false)
+
Enable use of SSL v3. (default is false). + Note: SSL v3 must also be enabled with a compile time option.
-tls1 bool
-
Enable use of TLS v1. (default is true)
+
Enable use of TLS v1. (default is true). + Note: TLS 1.0 needs SHA1 to operate, which is only available in + security level 0 for Open SSL 3.0+.
-tls1.1 bool
-
Enable use of TLS v1.1 (default is true)
+
Enable use of TLS v1.1 (default is true). + Note: TLS 1.1 needs SHA1 to operate, which is only available in + security level 0 for Open SSL 3.0+.
-tls1.2 bool
Enable use of TLS v1.2 (default is true)
-tls1.3 bool
Enable use of TLS v1.3 (default is true)
-validatecommand callback