On 08/07/2020 16:28, Viktor Dukhovni wrote: >> How could I set the a System default "MinProtocol" for DTLS and TLS to 1.2? > > AFAIK, that's not presently possible. You can specify application > profiles, for applications that specify an application name when > initializing OpenSSL. Or use the OPENSSL_CONF environment variable to > select an alternative configuration file for DTLS applications. > Arguably, that is a bug. You *should* be able to do that - perhaps based on some sensible mapping between TLS protocol versions based on whether we have a DTLS or TLS based SSL_METHOD. Matt
