Components All New MacOS Windows Linux iOS
Examples Mac & Win Server Client Guides Statistic FMM Blog Deprecated Old

CURL.SetOptionSSLVersion

Sets which version of SSL/TLS to attempt to use.

Component Version macOS Windows Linux Server iOS SDK
CURL 2.5 ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes
MBS( "CURL.SetOptionSSLVersion"; curl; Value )   More

Parameters

Parameter Description Example
curl The CURL session handle. $curl
Value Pass number from 0 to 7. 0

Result

Returns "OK" on success.

Description

Sets which version of SSL/TLS to attempt to use.
The SSL and TLS versions have typically developed from the most insecure version to be more and more secure in this order through history: SSL v2, SSLv3, TLS v1.0, TLS v1.1, TLS v1.2 and the most recent TLS v1.3.

Use one of the available defines for this purpose. The available options are:

Default0The default acceptable version range. The minimum acceptable version is by default TLS v1.0 since 7.39.0 (unless the TLS library has a stricter rule).
TLSv11TLS v1.0 or later
SSLv22SSL v2 (but not SSLv3)
SSLv33SSL v3 (but not SSLv2)
TLSv1.04TLS v1.0 or later (Added in 7.34.0)
TLSv1.15TLS v1.1 or later (Added in 7.34.0)
TLSv1.26TLS v1.2 or later (Added in 7.34.0)
TLSv1.37TLS v1.3 or later (Added in 7.52.0)

See also kSSLVersion* constants.

The maximum TLS version can be set by using one of the CURL_SSLVERSION_MAX_ macros below. It is also possible to OR one of the CURL_SSLVERSION_ macros with one of the CURL_SSLVERSION_MAX_ macros.

Default65536The flag defines the maximum supported TLS version by libcurl, or the default value from the SSL library is used. libcurl will use a sensible default maximum, which was TLS v1.2 up to before 7.61.0 and is TLS v1.3 since then - assuming the TLS library support it. (Added in 7.54.0)
Max TLSv1.0262144The flag defines maximum supported TLS version as TLS v1.0. (Added in 7.54.0)
Max TLSv1.1327680The flag defines maximum supported TLS version as TLS v1.1. (Added in 7.54.0)
Max TLSv1.2393216The flag defines maximum supported TLS version as TLS v1.2. (Added in 7.54.0)
Max TLSv1.3458752The flag defines maximum supported TLS version as TLS v1.3. (Added in 7.54.0)

Please note that MBS Plugin does support TLS v1.3 since end of 2018.

See also SSLVERSION option in CURL manual.

Examples

SMTP via SSL without TLS:

$r = MBS( "CURL.SetOptionSSLVersion"; $curl; 3 )
$r = MBS( "CURL.SetOptionPort"; $curl; 25 )

Set to use TLSv1.2:

Set Variable [$r; MBS( "CURL.SetOptionUseSSL"; $curl; 3 ) // encryption required ]
Set Variable [$r; MBS( "CURL.SetOptionSSLVersion"; $curl; 6 ) // TLS v1.2 ]

Do FTPS by using FTP and upgrade to TLS:

# Start new session
Set Variable [ $curl ; Value: MBS("CURL.New") ]
# Set URL to load (HTTP, HTTPS, FTP, FTPS, SFTP, etc.)
Set Variable [ $result ; Value: MBS("CURL.SetOptionURL"; $curl; "ftp://ftp.christians-software.de/") ]
Set Variable [ $result ; Value: MBS("CURL.SetOptionUserName"; $curl; "12144-test") ]
Set Variable [ $result ; Value: MBS("CURL.SetOptionPassword"; $curl; "qr\"8km3%Eu\"7") ]
Set Variable [ $result ; Value: MBS("CURL.SetOptionConnectionTimeout"; $curl; 10) ]
Set Variable [ $result ; Value: MBS("CURL.SetOptionSSLVersion"; $curl; 1) // want TLS v1.0 or better ]
Set Variable [ $result ; Value: MBS("CURL.SetOptionUseSSL"; $curl; 3) // require SSL ]
# RUN now
Set Field [ CURL Test::Result ; MBS("CURL.Perform"; $curl) ]
# Check result
Set Field [ CURL Test::Text ; MBS("CURL.GetResultAsText"; $curl; "UTF8") ]
Set Field [ CURL Test::debug ; MBS("CURL.GetDebugMessages"; $curl) ]
# Cleanup
Set Variable [ $result ; Value: MBS("CURL.Release"; $curl) ]

Setup for IMAP with Google GMail:

Set Variable [ $curl ; Value: MBS("CURL.New") ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionPort"; $curl; 993) // IMAP SSL port ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionUseSSL"; $curl; 3) // require SSL ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionSSLVersion"; $curl; 6) // TLSv1.2 ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionURL"; $curl; "imaps://imap.gmail.com/INBOX") ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionUserName"; $curl; $user) ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionPassword"; $curl; $pass) ]

Set TLS 1.2 as minimum and maximum to enfore that version:

Set Variable [ $result ; Value: MBS("CURL.SetOptionSSLVersion"; $curl; 393216 + 6) ]

See also

Example Databases

Blog Entries

Created 18th August 2014, last changed 20th November 2023


CURL.SetOptionSSLVerifyStatus - CURL.SetOptionServerResponseTimeout