> On Feb 10, 2016, at 9:03 PM, Jeffrey Walton <noloader at gmail.com> wrote: > > How do we work around a server that seems to require SSLv23_method? Don't think of this as a work-around. You SHOULD use the version-flexible method (renamed from SSLv23_method() to TLS_method() in master). You should then disable unwanted protocols that are too weak. In master use the new min/max version controls and avoid the SSL_OP_NO_<some_version> macros. In 1.0.x, use the macros to disable some contiguous set of protocol versions starting at SSLv2. -- Viktor.
