1SSL_CONF_CMD(3) OpenSSL SSL_CONF_CMD(3)
2
3
4
6 SSL_CONF_cmd_value_type, SSL_CONF_cmd - send configuration command
7
9 #include <openssl/ssl.h>
10
11 int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value);
12 int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd);
13
15 The function SSL_CONF_cmd() performs configuration operation cmd with
16 optional parameter value on ctx. Its purpose is to simplify application
17 configuration of SSL_CTX or SSL structures by providing a common
18 framework for command line options or configuration files.
19
20 SSL_CONF_cmd_value_type() returns the type of value that cmd refers to.
21
23 Currently supported cmd names for command lines (i.e. when the flag
24 SSL_CONF_CMDLINE is set) are listed below. Note: all cmd names are case
25 sensitive. Unless otherwise stated commands can be used by both clients
26 and servers and the value parameter is not used. The default prefix for
27 command line commands is - and that is reflected below.
28
29 -sigalgs
30 This sets the supported signature algorithms for TLSv1.2 and
31 TLSv1.3. For clients this value is used directly for the supported
32 signature algorithms extension. For servers it is used to determine
33 which signature algorithms to support.
34
35 The value argument should be a colon separated list of signature
36 algorithms in order of decreasing preference of the form
37 algorithm+hash or signature_scheme. algorithm is one of RSA, DSA or
38 ECDSA and hash is a supported algorithm OID short name such as
39 SHA1, SHA224, SHA256, SHA384 of SHA512. Note: algorithm and hash
40 names are case sensitive. signature_scheme is one of the signature
41 schemes defined in TLSv1.3, specified using the IETF name, e.g.,
42 ecdsa_secp256r1_sha256, ed25519, or rsa_pss_pss_sha256.
43
44 If this option is not set then all signature algorithms supported
45 by the OpenSSL library are permissible.
46
47 Note: algorithms which specify a PKCS#1 v1.5 signature scheme
48 (either by using RSA as the algorithm or by using one of the
49 rsa_pkcs1_* identifiers) are ignored in TLSv1.3 and will not be
50 negotiated.
51
52 -client_sigalgs
53 This sets the supported signature algorithms associated with client
54 authentication for TLSv1.2 and TLSv1.3. For servers the value is
55 used in the signature_algorithms field of a CertificateRequest
56 message. For clients it is used to determine which signature
57 algorithm to use with the client certificate. If a server does not
58 request a certificate this option has no effect.
59
60 The syntax of value is identical to -sigalgs. If not set then the
61 value set for -sigalgs will be used instead.
62
63 -groups
64 This sets the supported groups. For clients, the groups are sent
65 using the supported groups extension. For servers, it is used to
66 determine which group to use. This setting affects groups used for
67 signatures (in TLSv1.2 and earlier) and key exchange. The first
68 group listed will also be used for the key_share sent by a client
69 in a TLSv1.3 ClientHello.
70
71 The value argument is a colon separated list of groups. The group
72 can be either the NIST name (e.g. P-256), some other commonly used
73 name where applicable (e.g. X25519) or an OpenSSL OID name (e.g.
74 prime256v1). Group names are case sensitive. The list should be in
75 order of preference with the most preferred group first.
76
77 -curves
78 This is a synonym for the "-groups" command.
79
80 -named_curve
81 This sets the temporary curve used for ephemeral ECDH modes. Only
82 used by servers
83
84 The value argument is a curve name or the special value auto which
85 picks an appropriate curve based on client and server preferences.
86 The curve can be either the NIST name (e.g. P-256) or an OpenSSL
87 OID name (e.g. prime256v1). Curve names are case sensitive.
88
89 -cipher
90 Sets the TLSv1.2 and below ciphersuite list to value. This list
91 will be combined with any configured TLSv1.3 ciphersuites. Note:
92 syntax checking of value is currently not performed unless a SSL or
93 SSL_CTX structure is associated with cctx.
94
95 -ciphersuites
96 Sets the available ciphersuites for TLSv1.3 to value. This is a
97 simple colon (":") separated list of TLSv1.3 ciphersuite names in
98 order of preference. This list will be combined any configured
99 TLSv1.2 and below ciphersuites. See ciphers(1) for more
100 information.
101
102 -cert
103 Attempts to use the file value as the certificate for the
104 appropriate context. It currently uses
105 SSL_CTX_use_certificate_chain_file() if an SSL_CTX structure is set
106 or SSL_use_certificate_file() with filetype PEM if an SSL structure
107 is set. This option is only supported if certificate operations are
108 permitted.
109
110 -key
111 Attempts to use the file value as the private key for the
112 appropriate context. This option is only supported if certificate
113 operations are permitted. Note: if no -key option is set then a
114 private key is not loaded unless the flag
115 SSL_CONF_FLAG_REQUIRE_PRIVATE is set.
116
117 -dhparam
118 Attempts to use the file value as the set of temporary DH
119 parameters for the appropriate context. This option is only
120 supported if certificate operations are permitted.
121
122 -record_padding
123 Attempts to pad TLSv1.3 records so that they are a multiple of
124 value in length on send. A value of 0 or 1 turns off padding.
125 Otherwise, the value must be >1 or <=16384.
126
127 -no_renegotiation
128 Disables all attempts at renegotiation in TLSv1.2 and earlier, same
129 as setting SSL_OP_NO_RENEGOTIATION.
130
131 -min_protocol, -max_protocol
132 Sets the minimum and maximum supported protocol. Currently
133 supported protocol values are SSLv3, TLSv1, TLSv1.1, TLSv1.2,
134 TLSv1.3 for TLS; DTLSv1, DTLSv1.2 for DTLS, and None for no limit.
135 If either the lower or upper bound is not specified then only the
136 other bound applies, if specified. If your application supports
137 both TLS and DTLS you can specify any of these options twice, once
138 with a bound for TLS and again with an appropriate bound for DTLS.
139 To restrict the supported protocol versions use these commands
140 rather than the deprecated alternative commands below.
141
142 -no_ssl3, -no_tls1, -no_tls1_1, -no_tls1_2, -no_tls1_3
143 Disables protocol support for SSLv3, TLSv1.0, TLSv1.1, TLSv1.2 or
144 TLSv1.3 by setting the corresponding options SSL_OP_NO_SSLv3,
145 SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2 and
146 SSL_OP_NO_TLSv1_3 respectively. These options are deprecated,
147 instead use -min_protocol and -max_protocol.
148
149 -bugs
150 Various bug workarounds are set, same as setting SSL_OP_ALL.
151
152 -comp
153 Enables support for SSL/TLS compression, same as clearing
154 SSL_OP_NO_COMPRESSION. This command was introduced in OpenSSL
155 1.1.0. As of OpenSSL 1.1.0, compression is off by default.
156
157 -no_comp
158 Disables support for SSL/TLS compression, same as setting
159 SSL_OP_NO_COMPRESSION. As of OpenSSL 1.1.0, compression is off by
160 default.
161
162 -no_ticket
163 Disables support for session tickets, same as setting
164 SSL_OP_NO_TICKET.
165
166 -serverpref
167 Use server and not client preference order when determining which
168 cipher suite, signature algorithm or elliptic curve to use for an
169 incoming connection. Equivalent to
170 SSL_OP_CIPHER_SERVER_PREFERENCE. Only used by servers.
171
172 -prioritize_chacha
173 Prioritize ChaCha ciphers when the client has a ChaCha20 cipher at
174 the top of its preference list. This usually indicates a client
175 without AES hardware acceleration (e.g. mobile) is in use.
176 Equivalent to SSL_OP_PRIORITIZE_CHACHA. Only used by servers.
177 Requires -serverpref.
178
179 -no_resumption_on_reneg
180 set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag. Only used
181 by servers.
182
183 -legacyrenegotiation
184 permits the use of unsafe legacy renegotiation. Equivalent to
185 setting SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION.
186
187 -legacy_server_connect, -no_legacy_server_connect
188 permits or prohibits the use of unsafe legacy renegotiation for
189 OpenSSL clients only. Equivalent to setting or clearing
190 SSL_OP_LEGACY_SERVER_CONNECT. Set by default.
191
192 -allow_no_dhe_kex
193 In TLSv1.3 allow a non-(ec)dhe based key exchange mode on
194 resumption. This means that there will be no forward secrecy for
195 the resumed session.
196
197 -strict
198 enables strict mode protocol handling. Equivalent to setting
199 SSL_CERT_FLAG_TLS_STRICT.
200
201 -anti_replay, -no_anti_replay
202 Switches replay protection, on or off respectively. With replay
203 protection on, OpenSSL will automatically detect if a session
204 ticket has been used more than once, TLSv1.3 has been negotiated,
205 and early data is enabled on the server. A full handshake is forced
206 if a session ticket is used a second or subsequent time. Anti-
207 Replay is on by default unless overridden by a configuration file
208 and is only used by servers. Anti-replay measures are required for
209 compliance with the TLSv1.3 specification. Some applications may be
210 able to mitigate the replay risks in other ways and in such cases
211 the built-in OpenSSL functionality is not required. Switching off
212 anti-replay is equivalent to SSL_OP_NO_ANTI_REPLAY.
213
215 Currently supported cmd names for configuration files (i.e. when the
216 flag SSL_CONF_FLAG_FILE is set) are listed below. All configuration
217 file cmd names are case insensitive so signaturealgorithms is
218 recognised as well as SignatureAlgorithms. Unless otherwise stated the
219 value names are also case insensitive.
220
221 Note: the command prefix (if set) alters the recognised cmd values.
222
223 CipherString
224 Sets the ciphersuite list for TLSv1.2 and below to value. This list
225 will be combined with any configured TLSv1.3 ciphersuites. Note:
226 syntax checking of value is currently not performed unless an SSL
227 or SSL_CTX structure is associated with cctx.
228
229 Ciphersuites
230 Sets the available ciphersuites for TLSv1.3 to value. This is a
231 simple colon (":") separated list of TLSv1.3 ciphersuite names in
232 order of preference. This list will be combined any configured
233 TLSv1.2 and below ciphersuites. See ciphers(1) for more
234 information.
235
236 Certificate
237 Attempts to use the file value as the certificate for the
238 appropriate context. It currently uses
239 SSL_CTX_use_certificate_chain_file() if an SSL_CTX structure is set
240 or SSL_use_certificate_file() with filetype PEM if an SSL structure
241 is set. This option is only supported if certificate operations are
242 permitted.
243
244 PrivateKey
245 Attempts to use the file value as the private key for the
246 appropriate context. This option is only supported if certificate
247 operations are permitted. Note: if no PrivateKey option is set then
248 a private key is not loaded unless the
249 SSL_CONF_FLAG_REQUIRE_PRIVATE is set.
250
251 ChainCAFile, ChainCAPath, VerifyCAFile, VerifyCAPath
252 These options indicate a file or directory used for building
253 certificate chains or verifying certificate chains. These options
254 are only supported if certificate operations are permitted.
255
256 RequestCAFile
257 This option indicates a file containing a set of certificates in
258 PEM form. The subject names of the certificates are sent to the
259 peer in the certificate_authorities extension for TLS 1.3 (in
260 ClientHello or CertificateRequest) or in a certificate request for
261 previous versions or TLS.
262
263 ServerInfoFile
264 Attempts to use the file value in the "serverinfo" extension using
265 the function SSL_CTX_use_serverinfo_file.
266
267 DHParameters
268 Attempts to use the file value as the set of temporary DH
269 parameters for the appropriate context. This option is only
270 supported if certificate operations are permitted.
271
272 RecordPadding
273 Attempts to pad TLSv1.3 records so that they are a multiple of
274 value in length on send. A value of 0 or 1 turns off padding.
275 Otherwise, the value must be >1 or <=16384.
276
277 SignatureAlgorithms
278 This sets the supported signature algorithms for TLSv1.2 and
279 TLSv1.3. For clients this value is used directly for the supported
280 signature algorithms extension. For servers it is used to determine
281 which signature algorithms to support.
282
283 The value argument should be a colon separated list of signature
284 algorithms in order of decreasing preference of the form
285 algorithm+hash or signature_scheme. algorithm is one of RSA, DSA or
286 ECDSA and hash is a supported algorithm OID short name such as
287 SHA1, SHA224, SHA256, SHA384 of SHA512. Note: algorithm and hash
288 names are case sensitive. signature_scheme is one of the signature
289 schemes defined in TLSv1.3, specified using the IETF name, e.g.,
290 ecdsa_secp256r1_sha256, ed25519, or rsa_pss_pss_sha256.
291
292 If this option is not set then all signature algorithms supported
293 by the OpenSSL library are permissible.
294
295 Note: algorithms which specify a PKCS#1 v1.5 signature scheme
296 (either by using RSA as the algorithm or by using one of the
297 rsa_pkcs1_* identifiers) are ignored in TLSv1.3 and will not be
298 negotiated.
299
300 ClientSignatureAlgorithms
301 This sets the supported signature algorithms associated with client
302 authentication for TLSv1.2 and TLSv1.3. For servers the value is
303 used in the signature_algorithms field of a CertificateRequest
304 message. For clients it is used to determine which signature
305 algorithm to use with the client certificate. If a server does not
306 request a certificate this option has no effect.
307
308 The syntax of value is identical to SignatureAlgorithms. If not set
309 then the value set for SignatureAlgorithms will be used instead.
310
311 Groups
312 This sets the supported groups. For clients, the groups are sent
313 using the supported groups extension. For servers, it is used to
314 determine which group to use. This setting affects groups used for
315 signatures (in TLSv1.2 and earlier) and key exchange. The first
316 group listed will also be used for the key_share sent by a client
317 in a TLSv1.3 ClientHello.
318
319 The value argument is a colon separated list of groups. The group
320 can be either the NIST name (e.g. P-256), some other commonly used
321 name where applicable (e.g. X25519) or an OpenSSL OID name (e.g.
322 prime256v1). Group names are case sensitive. The list should be in
323 order of preference with the most preferred group first.
324
325 Curves
326 This is a synonym for the "Groups" command.
327
328 MinProtocol
329 This sets the minimum supported SSL, TLS or DTLS version.
330
331 Currently supported protocol values are SSLv3, TLSv1, TLSv1.1,
332 TLSv1.2, TLSv1.3, DTLSv1 and DTLSv1.2. The SSL and TLS bounds
333 apply only to TLS-based contexts, while the DTLS bounds apply only
334 to DTLS-based contexts. The command can be repeated with one
335 instance setting a TLS bound, and the other setting a DTLS bound.
336 The value None applies to both types of contexts and disables the
337 limits.
338
339 MaxProtocol
340 This sets the maximum supported SSL, TLS or DTLS version.
341
342 Currently supported protocol values are SSLv3, TLSv1, TLSv1.1,
343 TLSv1.2, TLSv1.3, DTLSv1 and DTLSv1.2. The SSL and TLS bounds
344 apply only to TLS-based contexts, while the DTLS bounds apply only
345 to DTLS-based contexts. The command can be repeated with one
346 instance setting a TLS bound, and the other setting a DTLS bound.
347 The value None applies to both types of contexts and disables the
348 limits.
349
350 Protocol
351 This can be used to enable or disable certain versions of the SSL,
352 TLS or DTLS protocol.
353
354 The value argument is a comma separated list of supported protocols
355 to enable or disable. If a protocol is preceded by - that version
356 is disabled.
357
358 All protocol versions are enabled by default. You need to disable
359 at least one protocol version for this setting have any effect.
360 Only enabling some protocol versions does not disable the other
361 protocol versions.
362
363 Currently supported protocol values are SSLv3, TLSv1, TLSv1.1,
364 TLSv1.2, TLSv1.3, DTLSv1 and DTLSv1.2. The special value ALL
365 refers to all supported versions.
366
367 This can't enable protocols that are disabled using MinProtocol or
368 MaxProtocol, but can disable protocols that are still allowed by
369 them.
370
371 The Protocol command is fragile and deprecated; do not use it. Use
372 MinProtocol and MaxProtocol instead. If you do use Protocol, make
373 sure that the resulting range of enabled protocols has no "holes",
374 e.g. if TLS 1.0 and TLS 1.2 are both enabled, make sure to also
375 leave TLS 1.1 enabled.
376
377 Options
378 The value argument is a comma separated list of various flags to
379 set. If a flag string is preceded - it is disabled. See the
380 SSL_CTX_set_options(3) function for more details of individual
381 options.
382
383 Each option is listed below. Where an operation is enabled by
384 default the -flag syntax is needed to disable it.
385
386 SessionTicket: session ticket support, enabled by default. Inverse
387 of SSL_OP_NO_TICKET: that is -SessionTicket is the same as setting
388 SSL_OP_NO_TICKET.
389
390 Compression: SSL/TLS compression support, enabled by default.
391 Inverse of SSL_OP_NO_COMPRESSION.
392
393 EmptyFragments: use empty fragments as a countermeasure against a
394 SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers. It is
395 set by default. Inverse of SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.
396
397 Bugs: enable various bug workarounds. Same as SSL_OP_ALL.
398
399 DHSingle: enable single use DH keys, set by default. Inverse of
400 SSL_OP_DH_SINGLE. Only used by servers.
401
402 ECDHSingle: enable single use ECDH keys, set by default. Inverse of
403 SSL_OP_ECDH_SINGLE. Only used by servers.
404
405 ServerPreference: use server and not client preference order when
406 determining which cipher suite, signature algorithm or elliptic
407 curve to use for an incoming connection. Equivalent to
408 SSL_OP_CIPHER_SERVER_PREFERENCE. Only used by servers.
409
410 PrioritizeChaCha: prioritizes ChaCha ciphers when the client has a
411 ChaCha20 cipher at the top of its preference list. This usually
412 indicates a mobile client is in use. Equivalent to
413 SSL_OP_PRIORITIZE_CHACHA. Only used by servers.
414
415 NoResumptionOnRenegotiation: set
416 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag. Only used by
417 servers.
418
419 NoRenegotiation: disables all attempts at renegotiation in TLSv1.2
420 and earlier, same as setting SSL_OP_NO_RENEGOTIATION.
421
422 UnsafeLegacyRenegotiation: permits the use of unsafe legacy
423 renegotiation. Equivalent to
424 SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION.
425
426 UnsafeLegacyServerConnect: permits the use of unsafe legacy
427 renegotiation for OpenSSL clients only. Equivalent to
428 SSL_OP_LEGACY_SERVER_CONNECT. Set by default.
429
430 EncryptThenMac: use encrypt-then-mac extension, enabled by default.
431 Inverse of SSL_OP_NO_ENCRYPT_THEN_MAC: that is, -EncryptThenMac is
432 the same as setting SSL_OP_NO_ENCRYPT_THEN_MAC.
433
434 AllowNoDHEKEX: In TLSv1.3 allow a non-(ec)dhe based key exchange
435 mode on resumption. This means that there will be no forward
436 secrecy for the resumed session. Equivalent to
437 SSL_OP_ALLOW_NO_DHE_KEX.
438
439 MiddleboxCompat: If set then dummy Change Cipher Spec (CCS)
440 messages are sent in TLSv1.3. This has the effect of making TLSv1.3
441 look more like TLSv1.2 so that middleboxes that do not understand
442 TLSv1.3 will not drop the connection. This option is set by
443 default. A future version of OpenSSL may not set this by default.
444 Equivalent to SSL_OP_ENABLE_MIDDLEBOX_COMPAT.
445
446 AntiReplay: If set then OpenSSL will automatically detect if a
447 session ticket has been used more than once, TLSv1.3 has been
448 negotiated, and early data is enabled on the server. A full
449 handshake is forced if a session ticket is used a second or
450 subsequent time. This option is set by default and is only used by
451 servers. Anti-replay measures are required to comply with the
452 TLSv1.3 specification. Some applications may be able to mitigate
453 the replay risks in other ways and in such cases the built-in
454 OpenSSL functionality is not required. Disabling anti-replay is
455 equivalent to setting SSL_OP_NO_ANTI_REPLAY.
456
457 VerifyMode
458 The value argument is a comma separated list of flags to set.
459
460 Peer enables peer verification: for clients only.
461
462 Request requests but does not require a certificate from the
463 client. Servers only.
464
465 Require requests and requires a certificate from the client: an
466 error occurs if the client does not present a certificate. Servers
467 only.
468
469 Once requests a certificate from a client only on the initial
470 connection: not when renegotiating. Servers only.
471
472 RequestPostHandshake configures the connection to support requests
473 but does not require a certificate from the client post-handshake.
474 A certificate will not be requested during the initial handshake.
475 The server application must provide a mechanism to request a
476 certificate post-handshake. Servers only. TLSv1.3 only.
477
478 RequiresPostHandshake configures the connection to support requests
479 and requires a certificate from the client post-handshake: an error
480 occurs if the client does not present a certificate. A certificate
481 will not be requested during the initial handshake. The server
482 application must provide a mechanism to request a certificate post-
483 handshake. Servers only. TLSv1.3 only.
484
485 ClientCAFile, ClientCAPath
486 A file or directory of certificates in PEM format whose names are
487 used as the set of acceptable names for client CAs. Servers only.
488 This option is only supported if certificate operations are
489 permitted.
490
492 The function SSL_CONF_cmd_value_type() currently returns one of the
493 following types:
494
495 SSL_CONF_TYPE_UNKNOWN
496 The cmd string is unrecognised, this return value can be use to
497 flag syntax errors.
498
499 SSL_CONF_TYPE_STRING
500 The value is a string without any specific structure.
501
502 SSL_CONF_TYPE_FILE
503 The value is a filename.
504
505 SSL_CONF_TYPE_DIR
506 The value is a directory name.
507
508 SSL_CONF_TYPE_NONE
509 The value string is not used e.g. a command line option which
510 doesn't take an argument.
511
513 The order of operations is significant. This can be used to set either
514 defaults or values which cannot be overridden. For example if an
515 application calls:
516
517 SSL_CONF_cmd(ctx, "Protocol", "-SSLv3");
518 SSL_CONF_cmd(ctx, userparam, uservalue);
519
520 it will disable SSLv3 support by default but the user can override it.
521 If however the call sequence is:
522
523 SSL_CONF_cmd(ctx, userparam, uservalue);
524 SSL_CONF_cmd(ctx, "Protocol", "-SSLv3");
525
526 SSLv3 is always disabled and attempt to override this by the user are
527 ignored.
528
529 By checking the return code of SSL_CONF_cmd() it is possible to query
530 if a given cmd is recognised, this is useful if SSL_CONF_cmd() values
531 are mixed with additional application specific operations.
532
533 For example an application might call SSL_CONF_cmd() and if it returns
534 -2 (unrecognised command) continue with processing of application
535 specific commands.
536
537 Applications can also use SSL_CONF_cmd() to process command lines
538 though the utility function SSL_CONF_cmd_argv() is normally used
539 instead. One way to do this is to set the prefix to an appropriate
540 value using SSL_CONF_CTX_set1_prefix(), pass the current argument to
541 cmd and the following argument to value (which may be NULL).
542
543 In this case if the return value is positive then it is used to skip
544 that number of arguments as they have been processed by SSL_CONF_cmd().
545 If -2 is returned then cmd is not recognised and application specific
546 arguments can be checked instead. If -3 is returned a required argument
547 is missing and an error is indicated. If 0 is returned some other error
548 occurred and this can be reported back to the user.
549
550 The function SSL_CONF_cmd_value_type() can be used by applications to
551 check for the existence of a command or to perform additional syntax
552 checking or translation of the command value. For example if the return
553 value is SSL_CONF_TYPE_FILE an application could translate a relative
554 pathname to an absolute pathname.
555
557 SSL_CONF_cmd() returns 1 if the value of cmd is recognised and value is
558 NOT used and 2 if both cmd and value are used. In other words it
559 returns the number of arguments processed. This is useful when
560 processing command lines.
561
562 A return value of -2 means cmd is not recognised.
563
564 A return value of -3 means cmd is recognised and the command requires a
565 value but value is NULL.
566
567 A return code of 0 indicates that both cmd and value are valid but an
568 error occurred attempting to perform the operation: for example due to
569 an error in the syntax of value in this case the error queue may
570 provide additional information.
571
573 Set supported signature algorithms:
574
575 SSL_CONF_cmd(ctx, "SignatureAlgorithms", "ECDSA+SHA256:RSA+SHA256:DSA+SHA256");
576
577 There are various ways to select the supported protocols.
578
579 This set the minimum protocol version to TLSv1, and so disables SSLv3.
580 This is the recommended way to disable protocols.
581
582 SSL_CONF_cmd(ctx, "MinProtocol", "TLSv1");
583
584 The following also disables SSLv3:
585
586 SSL_CONF_cmd(ctx, "Protocol", "-SSLv3");
587
588 The following will first enable all protocols, and then disable SSLv3.
589 If no protocol versions were disabled before this has the same effect
590 as "-SSLv3", but if some versions were disables this will re-enable
591 them before disabling SSLv3.
592
593 SSL_CONF_cmd(ctx, "Protocol", "ALL,-SSLv3");
594
595 Only enable TLSv1.2:
596
597 SSL_CONF_cmd(ctx, "MinProtocol", "TLSv1.2");
598 SSL_CONF_cmd(ctx, "MaxProtocol", "TLSv1.2");
599
600 This also only enables TLSv1.2:
601
602 SSL_CONF_cmd(ctx, "Protocol", "-ALL,TLSv1.2");
603
604 Disable TLS session tickets:
605
606 SSL_CONF_cmd(ctx, "Options", "-SessionTicket");
607
608 Enable compression:
609
610 SSL_CONF_cmd(ctx, "Options", "Compression");
611
612 Set supported curves to P-256, P-384:
613
614 SSL_CONF_cmd(ctx, "Curves", "P-256:P-384");
615
617 SSL_CONF_CTX_new(3), SSL_CONF_CTX_set_flags(3),
618 SSL_CONF_CTX_set1_prefix(3), SSL_CONF_CTX_set_ssl_ctx(3),
619 SSL_CONF_cmd_argv(3), SSL_CTX_set_options(3)
620
622 The SSL_CONF_cmd() function was added in OpenSSL 1.0.2.
623
624 The SSL_OP_NO_SSL2 option doesn't have effect since 1.1.0, but the
625 macro is retained for backwards compatibility.
626
627 The SSL_CONF_TYPE_NONE was added in OpenSSL 1.1.0. In earlier versions
628 of OpenSSL passing a command which didn't take an argument would return
629 SSL_CONF_TYPE_UNKNOWN.
630
631 MinProtocol and MaxProtocol where added in OpenSSL 1.1.0.
632
633 AllowNoDHEKEX and PrioritizeChaCha were added in OpenSSL 1.1.1.
634
636 Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
637
638 Licensed under the OpenSSL license (the "License"). You may not use
639 this file except in compliance with the License. You can obtain a copy
640 in the file LICENSE in the source distribution or at
641 <https://www.openssl.org/source/license.html>.
642
643
644
6451.1.1k 2021-03-26 SSL_CONF_CMD(3)