36 Various bug workarounds are set, same as setting B<SSL_OP_ALL>.
40 Disables support for SSL/TLS compression, same as setting
56 Disables support for session tickets, same as setting B<SSL_OP_NO_TICKET>.
67 setting B<SSL_OP_ALLOW_CLIENT_RENEGOTIATION>.
72 Permits the use of unsafe legacy renegotiation. Equivalent to setting
77 Disables all attempts at renegotiation in TLSv1.2 and earlier, same as setting
87 clients only. Equivalent to setting or clearing B<SSL_OP_LEGACY_SERVER_CONNECT>.
109 Enables strict mode protocol handling. Equivalent to setting
154 group to use. This setting affects groups used for signatures (in TLSv1.2
284 setting the corresponding options B<SSL_OP_NO_SSLv3>, B<SSL_OP_NO_TLSv1>,
425 to determine which group to use. This setting affects groups used for
452 The command can be repeated with one instance setting a TLS bound, and the
453 other setting a DTLS bound.
464 The command can be repeated with one instance setting a TLS bound, and the
465 other setting a DTLS bound.
478 You need to disable at least one protocol version for this setting have any
508 B<SSL_OP_NO_TICKET>: that is B<-SessionTicket> is the same as setting
540 earlier, same as setting B<SSL_OP_NO_RENEGOTIATION>.
550 B<-EncryptThenMac> is the same as setting B<SSL_OP_NO_ENCRYPT_THEN_MAC>.
574 Disabling anti-replay is equivalent to setting B<SSL_OP_NO_ANTI_REPLAY>.
578 B<-ExtendedMasterSecret> is the same as setting B<SSL_OP_NO_EXTENDED_MASTER_SECRET>.
582 B<-CANames> is the same as setting B<SSL_OP_DISABLE_TLSEXT_CA_NAMES>.
589 setting B<SSL_CERT_FLAG_TLS_STRICT> with SSL_CTX_set_cert_flags().
593 B<-TxCertificateCompression> is the same as setting B<SSL_OP_NO_TX_CERTIFICATE_COMPRESSION>.
597 B<-RxCertificateCompression> is the same as setting B<SSL_OP_NO_RX_CERTIFICATE_COMPRESSION>.

Last Index update Sun Dec 01 18:03:41 UTC 2024

Dedicated to & Maintained by Room-11