path: root/wpa_supplicant/wpa_supplicant.conf
diff options
authorJouni Malinen <j@w1.fi>2015-07-08 16:25:10 (GMT)
committerJouni Malinen <j@w1.fi>2015-07-08 16:27:57 (GMT)
commit5650d379a344482d47cb7b83fc314d5a6adbe5e1 (patch)
tree325584bb9a676bede06395c9610607b30da633de /wpa_supplicant/wpa_supplicant.conf
parent2456264fad1ecd400776afde0cf09d18448dbb4b (diff)
OpenSSL: Add option to disable use of TLSv1.0
The new phase1 config parameter value tls_disable_tlsv1_0=1 can now be used to disable use of TLSv1.0 for a network configuration. This can be used to force a newer TLS version to be used. For example, phase1="tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1" would indicate that only TLS v1.2 is accepted. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/wpa_supplicant.conf')
1 files changed, 1 insertions, 0 deletions
diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index d380965..b93d3ff 100644
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -986,6 +986,7 @@ fast_reauth=1
# EAP workarounds are disabled with eap_workaround=0.
# For EAP-FAST, this must be set to 0 (or left unconfigured for the
# default value to be used automatically).
+# tls_disable_tlsv1_0=1 - disable use of TLSv1.0
# tls_disable_tlsv1_1=1 - disable use of TLSv1.1 (a workaround for AAA servers
# that have issues interoperating with updated TLS version)
# tls_disable_tlsv1_2=1 - disable use of TLSv1.2 (a workaround for AAA servers