package async_ssl

You can search for identifiers within the package.

in-package search v0.2.0

async_ssl
- Async_ssl
  - Config
    
    Client
    
    Server
  - Ffi_generated
  - Ffi_generated_types
  - Import
    
    Bindings
    
    ASN1_object
    
    ASN1_string
    
    Bignum
    
    Bio
    
    Ctypes
    
    Dh
    
    Struct
    
    EVP
    
    Engine
    
    Progress_callback
    
    Ssl
    
    Ssl_ctx
    
    Ssl_method
    
    Ssl_session
    
    X509
    
    X509_name
    
    X509_name_entry
    
    Types
    
    Evp
    
    Ssl_error
    
    Ssl_op
    
    Verify_mode
    
    Verify_result
    
    X509_filetype
  - Initialize
  - Opt
  - Rfc3526
  - Ssl
    
    Certificate
    
    Connection
    
    For_testing
    
    Opt
    
    Override_security_level
    
    Session
    
    Verify_mode
    
    Version
  - Std
  - Tls
    
    Expert
    
    For_testing
  - Verify_mode
  - Version
async_ssl.bindings
- Async_ssl_bindings
  - Ctypes_foreign_flat
  - Ffi_bindings
    
    Bignum
    
    Bindings
    
    ASN1_object
    
    ASN1_string
    
    Bignum
    
    Bio
    
    Ctypes
    
    Dh
    
    Struct
    
    EVP
    
    Engine
    
    F
    
    Ssl
    
    Ssl_ctx
    
    Ssl_method
    
    Ssl_session
    
    X509
    
    X509_name
    
    X509_name_entry
    
    Dh
    
    Progress_callback
    
    Rsa
    
    Ssl
    
    Tmp_dh_callback
    
    Tmp_rsa_callback
    
    Types
    
    Evp
    
    F
    
    Intptr
    
    Infix
    
    Ptrdiff
    
    Infix
    
    Uintptr
    
    Infix
    
    Ssl_error
    
    Ssl_op
    
    Verify_mode
    
    Verify_result
    
    X509_filetype
    
    Voidp
    
    T

Legend:
Library
Module
Module type
Parameter
Class
Class type

type t

val insecure_do_not_use : unit -> t

OpenSSL 1.1 changed the default security level and now disallows many known weak ciphers and signature algorithms. A commonly observed failure mode is RSA keys of insufficient length (e.g. 1024 bits). This may break some applications.

We expose this flag as a break glass work around until the problematic certificates can be updated.

alert flawed_security Only use this as a last resort stop gap until you can get the problematic certificates re-issued.