.. include:: /../getting_started/vars.rst .. _section-Product-TLS-610: RTI TLS Support *************** OpenSSL upgrade =============== Release 6.1.0 of *TLS Support* uses OpenSSLĀ® 1.1.1k. (Release 6.0.0 used OpenSSL 1.0.2o, and Release 6.0.1 used 1.1.1d.) *TLS Support* 6.1.0 is API-compatible with OpenSSL versions 1.1.0 through 1.1.1k, not with versions earlier than OpenSSL 1.1.0. If you need *TLS Support* 6.1.0 to run against older versions of OpenSSL, please contact support@rti.com. For instructions on installing the latest version of OpenSSL, see the :link_tls_install_guide_610:`RTI TLS Support Installation Guide 6.1.0 <>`. .. BUILD-2667 Changed OpenSSL static library names ==================================== The OpenSSL static library names no longer have a "z" suffix. Therefore, when including the static libraries in a makefile, we recommend including the whole path to the OpenSSL static libraries in order to avoid confusion with the dynamic libraries. See: :numref:`section-OpenSSL-Namechange` for details. .. BUILD-2848 tls.cipher.cipher_list property has no effect when using TLS 1.3 ================================================================ The property ``tls.cipher.cipher_list`` applies only to TLS 1.2 communication, which occurs when either of the two communicating |DPs| is using a |CONNEXT| version older than 6.0.1. When both communicating |DPs| are using |CONNEXT| 6.0.1 or later, they use TLS 1.3 communication, and the ``tls.cipher.cipher_list`` property does not apply. Starting with |CONNEXT| 6.1.0 two properties are now supported: - ``tls.cipher.cipher_list``: List of available TLS ciphers when communicating with |CONNEXT| 6.0.0 or below. See the OpenSSL manual page for SSL_set_cipher_list for more information on the format of this string. Default: NULL .. - ``tls.cipher.ciphersuites``: List of available TLS ciphersuites when communicating with |CONNEXT| 6.0.1 or above. See the OpenSSL manual page for SSL_CTX_set_ciphersuites for more information on the format of this string. Default: NULL Note that both properties can be set at the same time: in that case, |CONNEXT| will enforce the applicable property depending on the |CONNEXT| version of the involved |DPs|.