path: root/doc/man5
diff options
authorJung-uk Kim <jkim@FreeBSD.org>2020-03-17 21:27:57 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2020-03-17 21:27:57 +0000
commitaa144ced5d61b5c7fb74acaebb37d85bd08f0416 (patch)
tree2de6902cff4b007f4fae30a7d6c546b4dd3d1740 /doc/man5
parentfbc3ad1ae1976eb5f2bac351260f2c5ee255c27f (diff)
Import OpenSSL 1.1.1e.vendor/openssl/1.1.1e
Notes: svn path=/vendor-crypto/openssl/dist/; revision=359051 svn path=/vendor-crypto/openssl/1.1.1e/; revision=359052; tag=vendor/openssl/1.1.1e
Diffstat (limited to 'doc/man5')
1 files changed, 17 insertions, 1 deletions
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
index 992fdfccf917..7b50b099198c 100644
--- a/doc/man5/config.pod
+++ b/doc/man5/config.pod
@@ -355,6 +355,22 @@ Simple OpenSSL library configuration example to enter FIPS mode:
Note: in the above example you will get an error in non FIPS capable versions
of OpenSSL.
+Simple OpenSSL library configuration to make TLS 1.3 the system-default
+minimum TLS version:
+ # Toplevel section for openssl (including libssl)
+ openssl_conf = default_conf_section
+ [default_conf_section]
+ # We only specify configuration for the "ssl module"
+ ssl_conf = ssl_section
+ [ssl_section]
+ system_default = system_default_section
+ [system_default_section]
+ MinProtocol = TLSv1.3
More complex OpenSSL library configuration. Add OID and don't enter FIPS mode:
# Default appname: should match "appname" parameter (if any)
@@ -426,7 +442,7 @@ L<x509(1)>, L<req(1)>, L<ca(1)>
-Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy