Skip to content

Allow TLSv1 protocol by default #191

Closed
wants to merge 1 commit into from

4 participants

@betelgeuse

The current settings means httpclient will only do SSLv3 protocol. Using
the SSLv23 actually means trying to find the a working one including
TLSv1. For more details see:

http://www.openssl.org/docs/ssl/SSL_CTX_new.html

Here's also information on the same topic:

http://stackoverflow.com/questions/11059059/is-it-possible-to-enable-tls-v1-2-in-ruby-if-so-how

@betelgeuse betelgeuse Allow TLSv1 protocol by default
The current settings means httpclient will only do SSLv3 protocol. Using
the SSLv23 actually means trying to find the a working one including
TLSv1. For more details see:

http://www.openssl.org/docs/ssl/SSL_CTX_new.html
04618bf
@buildhive

Hiroshi Nakamura » httpclient #103 SUCCESS
This pull request looks good
(what's this?)

@glebtv glebtv added a commit to glebtv/httpclient that referenced this pull request Feb 2, 2014
@glebtv glebtv Allow SSLv2 also, fix spec 016035c
@terabyte

+1 on this PR please! With the heartbleed problem, many are switching to TLSv1_1 to attempt to get perfect forward secrecy, but it causes openssl to ignore HELO from SSLv2 and SSLv3, breaking things like httpclient with the current defaults. The link betelgeuse provided explains it all.

@nahi
Owner
nahi commented May 21, 2014

I merged #186 and #204 for making httpclient do netogiate SSL version. Thank you!

@nahi nahi closed this May 21, 2014
@betelgeuse betelgeuse deleted the betelgeuse:better_default_for_protocol_selection branch Aug 5, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.