SSL_CTX_new man page on DigitalUNIX

SSL_CTX_new(3)							SSL_CTX_new(3)

NAME
       SSL_CTX_new - Create a new SSL_CTX object as a framework for TLS/SSL
       enabled functions

SYNOPSIS
       #include <openssl/ssl.h>

       SSL_CTX *SSL_CTX_new(
	       SSL_METHOD *method );

DESCRIPTION
       The SSL_CTX_new() function creates a new SSL_CTX object as a framework
       for establishing TLS/SSL enabled connections.

NOTES
       The SSL_CTX object uses method as its connection method. The methods
       exist in a generic type (for client and server use), a server-only
       type, and a client-only type. The method can be of the following
       types:

       SSLv2_method(), SSLv2_server_method(), SSLv2_client_method()
              A TLS/SSL connection established with these methods will only
              understand the SSLv2 protocol. A client will send out SSLv2
              client hello messages and will also indicate that it only
              understands SSLv2. A server will only understand SSLv2 client
              hello messages.

       SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()
              A TLS/SSL connection established with these methods will only
              understand the SSLv3 protocol. A client will send out SSLv3
              client hello messages and will indicate that it only
              understands SSLv3. A server will only understand SSLv3 client
              hello messages. In particular, this means that it will not
              understand SSLv2 client hello messages, which are widely used
              for compatibility reasons. See SSLv23_*_method().

       TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()
              A TLS/SSL connection established with these methods will only
              understand the TLSv1 protocol. A client will send out TLSv1
              client hello messages and will indicate that it only
              understands TLSv1. A server will only understand TLSv1 client
              hello messages. In particular, this means that it will not
              understand SSLv2 client hello messages, which are widely used
              for compatibility reasons; see SSLv23_*_method(). It will also
              not understand SSLv3 client hello messages.

       SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()
              A TLS/SSL connection established with these methods will
              understand the SSLv2, SSLv3, and TLSv1 protocols. A client will
              send out SSLv2 client hello messages and will indicate that it
              also understands SSLv3 and TLSv1. A server will understand
              SSLv2, SSLv3, and TLSv1 client hello messages. This is the best
              choice when compatibility is a concern.

       The list of protocols available can later be limited using the
       SSL_OP_NO_SSLv2, SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1 options of the
       SSL_CTX_set_options() or SSL_set_options() functions. Using these
       options, it is possible to choose the SSLv23_server_method() function,
       for example, and be able to negotiate with all possible clients, but to
       only allow newer protocols like SSLv3 or TLSv1.

       The SSL_CTX_new() function initializes the list of ciphers, the session
       cache setting, the callbacks, the keys and certificates, and the
       options to its default values.

RETURN VALUES
       The following return values can occur:

       NULL   The creation of a new SSL_CTX object failed. Check the error
              stack to determine the reason.

       Pointer to an SSL_CTX object
              The return value points to an allocated SSL_CTX object.

SEE ALSO
       Functions: SSL_CTX_free(3), SSL_accept(3), ssl(3),
       SSL_set_connect_state(3)

								SSL_CTX_new(3)

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net