Shouldn't be using such old TLS versions. Glad they put in options

for this. Really want 1.3 only but not clear if disabling 1.2 means 1.3 can still run. Not using it at this point anyway, just came up when reviewing all options for other reasons.
2025-07-30 18:58:07 +02:00 · 2020-03-01 11:21:10 -08:00
parent 5b9c222025
commit e23eafd049
1 changed files with 2 additions and 2 deletions
--- a/4
+++ b/4
@ -410,8 +410,8 @@ CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA=y
 CONFIG_MBEDTLS_KEY_EXCHANGE_ECDH_RSA=y
 CONFIG_MBEDTLS_SSL_RENEGOTIATION=y
 # CONFIG_MBEDTLS_SSL_PROTO_SSL3 is not set
-CONFIG_MBEDTLS_SSL_PROTO_TLS1=y
-CONFIG_MBEDTLS_SSL_PROTO_TLS1_1=y
+# CONFIG_MBEDTLS_SSL_PROTO_TLS1 is not set
+# CONFIG_MBEDTLS_SSL_PROTO_TLS1_1 is not set
 CONFIG_MBEDTLS_SSL_PROTO_TLS1_2=y
 # CONFIG_MBEDTLS_SSL_PROTO_DTLS is not set
 CONFIG_MBEDTLS_SSL_ALPN=y