Function

SSLSetProtocolVersionEnabled

Sets the allowed Secure Sockets Layer (SSL) protocol versions.

Declaration

OSStatus SSLSetProtocolVersionEnabled(SSLContextRef context, SSLProtocol protocol, Boolean enable);

Parameters

context

An SSL session context reference.

protocol

The SSL protocol version to enable. Pass kSSLProtocolAll to enable all protocols.

enable

A Boolean value indicating whether to enable or disable the specified protocol. Specify true to enable the protocol.

Return Value

A result code. See Secure Transport Result Codes.

Discussion

Calling this function is optional. The default is that all supported protocols are enabled. When you call this function, only the specified protocol is affected. Therefore, if you call it once to disable SSL version 2 (for example), the other protocols all remain enabled. You may call this function as many times as you wish to enable and disable specific protocols. You can specify one of the following values for the protocol parameter:

  • kSSLProtocol2

  • kSSLProtocol3

  • kTLSProtocol1

  • kSSLProtocolAll

This function cannot be called when a session is active.

See Also

Legacy Operations

SSLNewContext

Creates a new Secure Sockets Layer (SSL) session context.

Deprecated
SSLDisposeContext

Disposes of a Secure Sockets Layer (SSL) session context.

Deprecated
SSLGetProtocolVersionEnabled

Retrieves the enabled status of a given protocol.

Deprecated
SSLSetRsaBlinding

Enables or disables RSA blinding.

Deprecated
SSLGetRsaBlinding

Obtains a value indicating whether RSA blinding is enabled.

Deprecated
SSLSetProtocolVersion

Sets the SSL protocol version.

Deprecated
SSLGetProtocolVersion

Gets the SSL protocol version.

Deprecated
SSLSetAllowsAnyRoot

Specifies whether root certificates from unrecognized certification authorities are allowed.

Deprecated
SSLGetAllowsAnyRoot

Obtains a value specifying whether an unknown root is allowed.

Deprecated
SSLSetAllowsExpiredRoots

Specifies whether expired root certificates are allowed.

Deprecated
SSLGetAllowsExpiredRoots

Retrieves the value indicating whether expired roots are allowed.

Deprecated
SSLSetTrustedRoots

Augments or replaces the default set of trusted root certificates for this session.

Deprecated
SSLCopyTrustedRoots

Retrieves the current list of trusted root certificates.

Deprecated
SSLSetAllowsExpiredCerts

Specifies whether certificate expiration times are ignored.

Deprecated
SSLGetAllowsExpiredCerts

Retrieves the value specifying whether expired certificates are allowed.

Deprecated
SSLSetEnableCertVerify

Enables or disables peer certificate chain validation.

Deprecated
SSLGetEnableCertVerify

Determines whether peer certificate chain validation is currently enabled.

Deprecated
SSLSetEncryptionCertificate

Specifies the encryption certificates used for this connection.

Deprecated
SSLCopyPeerCertificates

Retrieves a peer certificate and its certificate chain.

Deprecated