Hi Roger,
the default in the C client is to use the OpenSSL "ALL" cipher list,
which the OpenSSL doc describes as:
- ALL
-
all cipher suites except the eNULL
ciphers which must be explicitly enabled; as of OpenSSL, the
ALL cipher suites are
reasonably ordered by default
Presumably the exact suites and ordering will vary between OpenSSL
versions. Individual sets of cipher suites can be used like this:
sslopts.enabledCipherSuites = "TLSv1.2";
Ian
On 02/05/2015 11:55 AM, Roger Light
wrote:
Hi Chris,
SSL23_GET_CLIENT_HELLO:unknown protocol.
Which was the same Error I got when not specifying the tls protocol version
in Python. Is there any way in the C API to set the SSL/TLS Version?
Just to add something here, mosquitto 1.4 will allow (and default) to
TLS 1.0, 1.1 and 1.2 on the same listener. Previous versions only
allowed one protocol per listener, which is presumably why you're
having the problem.
Regards,
Roger
_______________________________________________
paho-dev mailing list
paho-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/paho-dev
--
Ian Craggs
icraggs@xxxxxxxxxx IBM United Kingdom
Paho Project Lead; Committer on Mosquitto
|