aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2019-05-27 08:01:18 +0200
committerDaniel Stenberg <daniel@haxx.se>2019-06-02 16:15:45 +0200
commit7e590b3ecd2d4c061d8e001b25b869460bbdc560 (patch)
treec0cb5d970f5069b4099b78181c107e6612e44a70 /docs
parentca09d96574e6a321fa141182bfa7c18faa7cd627 (diff)
tls13-docs: mention it is only for OpenSSL >= 1.1.1
Reported-by: Jay Satiro Co-authored-by: Jay Satiro Fixes #3938 Closes #3946
Diffstat (limited to 'docs')
-rw-r--r--docs/CIPHERS.md5
-rw-r--r--docs/cmdline-opts/proxy-tls13-ciphers.d4
-rw-r--r--docs/cmdline-opts/tls13-ciphers.d4
-rw-r--r--docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.34
-rw-r--r--docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.34
5 files changed, 19 insertions, 2 deletions
diff --git a/docs/CIPHERS.md b/docs/CIPHERS.md
index 5c0fffea9..5b2dde189 100644
--- a/docs/CIPHERS.md
+++ b/docs/CIPHERS.md
@@ -6,11 +6,12 @@ and
[`--ciphers`](https://curl.haxx.se/docs/manpage.html#--ciphers)
users can control which ciphers to consider when negotiating TLS connections.
-TLS 1.3 ciphers are supported since curl 7.61 with options
+TLS 1.3 ciphers are supported since curl 7.61 for OpenSSL 1.1.1+ with options
[`CURLOPT_TLS13_CIPHERS`](https://curl.haxx.se/libcurl/c/CURLOPT_TLS13_CIPHERS.html)
and
[`--tls13-ciphers`](https://curl.haxx.se/docs/manpage.html#--tls13-ciphers)
-.
+. If you are using a different SSL backend you can try setting TLS 1.3 cipher
+suites by using the respective regular cipher option.
The names of the known ciphers differ depending on which TLS backend that
libcurl was built to use. This is an attempt to list known cipher names.
diff --git a/docs/cmdline-opts/proxy-tls13-ciphers.d b/docs/cmdline-opts/proxy-tls13-ciphers.d
index 3e35b0764..08961b72e 100644
--- a/docs/cmdline-opts/proxy-tls13-ciphers.d
+++ b/docs/cmdline-opts/proxy-tls13-ciphers.d
@@ -9,4 +9,8 @@ ciphers. Read up on TLS 1.3 cipher suite details on this URL:
https://curl.haxx.se/docs/ssl-ciphers.html
+This option is currently used only when curl is built to use OpenSSL 1.1.1 or
+later. If you are using a different SSL backend you can try setting TLS 1.3
+cipher suites by using the --proxy-ciphers option.
+
If this option is used several times, the last one will be used.
diff --git a/docs/cmdline-opts/tls13-ciphers.d b/docs/cmdline-opts/tls13-ciphers.d
index add161595..654a25b4c 100644
--- a/docs/cmdline-opts/tls13-ciphers.d
+++ b/docs/cmdline-opts/tls13-ciphers.d
@@ -9,4 +9,8 @@ cipher suite details on this URL:
https://curl.haxx.se/docs/ssl-ciphers.html
+This option is currently used only when curl is built to use OpenSSL 1.1.1 or
+later. If you are using a different SSL backend you can try setting TLS 1.3
+cipher suites by using the --ciphers option.
+
If this option is used several times, the last one will be used.
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.3 b/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.3
index fe3a6b71c..e08d72146 100644
--- a/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.3
+++ b/docs/libcurl/opts/CURLOPT_PROXY_TLS13_CIPHERS.3
@@ -37,6 +37,10 @@ You'll find more details about cipher lists on this URL:
https://curl.haxx.se/docs/ssl-ciphers.html
+This option is currently used only when curl is built to use OpenSSL 1.1.1 or
+later. If you are using a different SSL backend you can try setting TLS 1.3
+cipher suites by using the CURLOPT_PROXY_SSL_CIPHER_LIST option.
+
The application does not have to keep the string around after setting this
option.
.SH DEFAULT
diff --git a/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.3 b/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.3
index 4c452deca..e56aa535c 100644
--- a/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.3
+++ b/docs/libcurl/opts/CURLOPT_TLS13_CIPHERS.3
@@ -36,6 +36,10 @@ You'll find more details about cipher lists on this URL:
https://curl.haxx.se/docs/ssl-ciphers.html
+This option is currently used only when curl is built to use OpenSSL 1.1.1 or
+later. If you are using a different SSL backend you can try setting TLS 1.3
+cipher suites by using the CURLOPT_SSL_CIPHER_LIST option.
+
The application does not have to keep the string around after setting this
option.
.SH DEFAULT