You don't have to call either. Both have sensible defaults.
Especially, with TLS 1.3, there is generally little reason to
choose non-default ciphers.

> On Oct 26, 2018, at 6:12 PM, Skip Carter <skip@xxxxxxxxxxx> wrote:
>
> If my application will support both TLSv1.2 and TLSv1.3 connections to
> it (depending who is connecting), do I have to call both
> SSL_CTX_set_ciphersuites() and SSL_CTX_set_cipher_list() when setting
> up my context?

If you're doing something unusual, or provide a configurable
interface with optional overrides of the ciphers to the application
users, you can customize either or both lists.

--
	Viktor.