Changeset 40260 in project


Ignore:
Timestamp:
07/05/21 22:32:19 (4 weeks ago)
Author:
Vasilij Schneidermann
Message:

openssl: Adjust socket examples to use maximum supported TLS version (and verify connections)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • wiki/eggref/5/openssl

    r40259 r40260  
    273273===== Example
    274274
    275 Launch Spiffy with TLSv1.2 and TLSv1.3 support:
     275Launch [[/egg/spiffy|spiffy]] using TLSv1.2 and TLSv1.3 (if supported):
    276276
    277277<enscript highlight="scheme">
     
    289289(server-port port)
    290290(define listener (ssl-listen* port: port
    291                               protocol: '(tlsv12 . tlsv13)
     291                              protocol: (cons 'tlsv12 ssl-max-protocol)
    292292                              certificate: public-key
    293293                              private-key: private-key))
     
    295295</enscript>
    296296
    297 Make a http-client request using TLSv1.2 or TLSv1.3:
     297Make a [[/egg/http-client|http-client]] request using TLSv1.2 or TLSv1.3 (if supported):
    298298
    299299<enscript highlight="scheme">
     
    310310                   (ssl-connect* hostname: (uri-host remote-end)
    311311                                 port: (uri-port remote-end)
    312                                  protocol: 'tlsv12
    313                                  ;; protocol: '(tlsv1 . tlsv12)
    314                                  sni-name: #t
    315                                  verify?: #f)
     312                                 protocol: (cons 'tlsv12 ssl-max-protocol)
     313                                 sni-name: #t)
    316314                 (if (and in out) ; Ugly, but necessary
    317315                     (values in out)
Note: See TracChangeset for help on using the changeset viewer.