This method allows the caller to over ride the default SSL settings.
For this method to have effect it must be called before a call to open() (see below). This method can be called multiple times in order to modify SSL settings for each connection made. Typically this method would not need to be called as the defaults are meant to handle most cases.
- Parameters
-
| pszCiphers | [ in ] (optional can be NULL) A pointer to a NULL terminated wide character string containing the OpenSSL cipher command (see http://www.openssl.org/docs/apps/ciphers.html). If NULL the secure default will be automatically be used "TLSv1+HIGH:TLSv1.2+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH" which enables TLSv1.1 and TLSv1.2, disables SSLv2, disables ciphers that do not use authentication, disables 3DES, and prefers the strongest ciphers fist. It does leave SSLv3 enabled however for compatability. This SHOULD be disabled in a production environement. You can disable SSLv3 by passing in the following string: "TLSv1+HIGH:TLSv1.2+HIGH:!SSLv2:!SSLv3:!aNULL:!eNULL:!3DES:@STRENGTH". |
| fSecureFlags | [ in ] Crypto method to use for the secure connection where the default used is (P6SSF_METHOD_NEGOTIATE | P6SSF_SECURE_CLIENT | P6SSF_SECURE_CLIENT_AUTH | P6SSF_LOG_X509SUBJECTLOOKUPS). |
- Returns
| Success | P6R::eOk | |
| Failure | P6R::eNoMemory | Insuffficient memory to properly initialize the component |
| P6R::eNotInitialized | A successful call to initialize() is required. |
| P6R::eInvalidArgument | The value in fSecureFlags is meant for a server not a client. |
