MONIT-33: Add support for TLSv1.1 and TLSv1.2

Issue #14 resolved
Toon Schoenmakers created an issue

Currently with TCPSSL you are only able to force to one of the following SSLV2,SSLV3, TLSV1. TLSv1.1 and TLSv1.2 should be in this list as well in my opinion. The amount of applications only supporting one of these is currently probably very low, but I had an internal one. Additionally it maybe would be nice if you could configure the cipher suites.

Comments (5)

  1. Tildeslash repo owner

    Thanks for suggestion. This commit adds client support for using TLS version 1.1 and 1.2. Server side, Monit is still on TLSv1 for now. A recent 1.x version of OpenSSL is required and of course that the server speaks this TLS version. At this time, not many does. Use tlsv11 or tlsv12. Example: if failed port 443 with type TCPSSL tlsv11 protocol http then alert

    Configuring the cipher suites might be added in a later release, for now the default should be fairly general useful and you can always change and recompile.

  2. Log in to comment