On Jul 27, 2015, at 2:52 PM, Praveen Pvs <meetpraveenpvs_at_gmail.com> wrote:
> should we use specific version of TLS library?

Yes, you will indeed need a recent enough version to support TLSv1.2.

If you are using a *nix system, you are probably using OpenSSL or LibreSSL as your TLS library. If this is the case, the command "openssl version" should display the exact version.

In OpenSSL, support for TLSv1.2 was added in version 1.0.1, so any version prior to that will not be able to provide TLSv1.2 facilities for curl.

In fact, you should be able to simply upgrade your OpenSSL library without any other changes to your curl version or configuration, and curl should then be able to connect to your TLSv1.2-only server. Since you say the server is already enforcing the TLSv1.2 requirement, all you really need is for the SSL/TSL library used by curl to support TLSv1.2 - there is no particular requirement to upgrade and configure curl so as to force TLSv1.2 from its end.

-Aaron

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-07-28