|
@@ -178,12 +178,17 @@ See L<openssl-ciphers(1)> for more information.
|
|
|
|
|
|
=item B<-min_protocol> I<minprot>, B<-max_protocol> I<maxprot>
|
|
|
|
|
|
-Sets the minimum and maximum supported protocol. Currently supported
|
|
|
-protocol values are B<SSLv3>, B<TLSv1>, B<TLSv1.1>, B<TLSv1.2>, B<TLSv1.3>
|
|
|
-for TLS and B<DTLSv1>, B<DTLSv1.2> for DTLS, and B<None> for no limit.
|
|
|
-If either bound is not specified then only the other bound applies,
|
|
|
-if specified. To restrict the supported protocol versions use these
|
|
|
-commands rather than the deprecated alternative commands below.
|
|
|
+Sets the minimum and maximum supported protocol.
|
|
|
+Currently supported protocol values are B<SSLv3>, B<TLSv1>, B<TLSv1.1>,
|
|
|
+B<TLSv1.2>, B<TLSv1.3> for TLS; B<DTLSv1>, B<DTLSv1.2> for DTLS, and B<None>
|
|
|
+for no limit.
|
|
|
+If either the lower or upper bound is not specified then only the other bound
|
|
|
+applies, if specified.
|
|
|
+If your application supports both TLS and DTLS you can specify any of these
|
|
|
+options twice, once with a bound for TLS and again with an appropriate bound
|
|
|
+for DTLS.
|
|
|
+To restrict the supported protocol versions use these commands rather than the
|
|
|
+deprecated alternative commands below.
|
|
|
|
|
|
=item B<-record_padding> I<padding>
|
|
|
|
|
@@ -389,7 +394,11 @@ This sets the minimum supported SSL, TLS or DTLS version.
|
|
|
|
|
|
Currently supported protocol values are B<SSLv3>, B<TLSv1>, B<TLSv1.1>,
|
|
|
B<TLSv1.2>, B<TLSv1.3>, B<DTLSv1> and B<DTLSv1.2>.
|
|
|
-The value B<None> will disable the limit.
|
|
|
+The SSL and TLS bounds apply only to TLS-based contexts, while the DTLS bounds
|
|
|
+apply only to DTLS-based contexts.
|
|
|
+The command can be repeated with one instance setting a TLS bound, and the
|
|
|
+other setting a DTLS bound.
|
|
|
+The value B<None> applies to both types of contexts and disables the limits.
|
|
|
|
|
|
=item B<MaxProtocol>
|
|
|
|
|
@@ -397,7 +406,11 @@ This sets the maximum supported SSL, TLS or DTLS version.
|
|
|
|
|
|
Currently supported protocol values are B<SSLv3>, B<TLSv1>, B<TLSv1.1>,
|
|
|
B<TLSv1.2>, B<TLSv1.3>, B<DTLSv1> and B<DTLSv1.2>.
|
|
|
-The value B<None> will disable the limit.
|
|
|
+The SSL and TLS bounds apply only to TLS-based contexts, while the DTLS bounds
|
|
|
+apply only to DTLS-based contexts.
|
|
|
+The command can be repeated with one instance setting a TLS bound, and the
|
|
|
+other setting a DTLS bound.
|
|
|
+The value B<None> applies to both types of contexts and disables the limits.
|
|
|
|
|
|
=item B<Protocol>
|
|
|
|