package async_ssl

  1. Overview
  2. Docs
type t
val insecure_do_not_use : unit -> t

OpenSSL 1.1 changed the default security level and now disallows many known weak ciphers and signature algorithms. A commonly observed failure mode is RSA keys of insufficient length (e.g. 1024 bits). This may break some applications.

We expose this flag as a break glass work around until the problematic certificates can be updated.

  • alert flawed_security Only use this as a last resort stop gap until you can get the problematic certificates re-issued.
OCaml

Innovation. Community. Security.