README: Clarify that OpenSSL is not required for ECDHE

This commit is contained in:
Aaron Jones 2016-08-15 10:50:59 +00:00
parent ba1edd7277
commit fd9f652150
No known key found for this signature in database
GPG key ID: EC6F86EE9CD840B5

View file

@ -66,17 +66,18 @@ You will need to run `autogen.sh` to build the autotools files prior to building
* For SSL/TLS client and server connections, one of:
* OpenSSL 1.0 or newer
* LibreSSL
* mbedTLS
* GnuTLS
* OpenSSL 1.0.0 or newer (--enable-openssl)
* LibreSSL (--enable-openssl)
* mbedTLS (--enable-mbedtls)
* GnuTLS (--enable-gnutls)
* For certificate-based oper CHALLENGE, OpenSSL 1.0 or newer.
* For certificate-based oper CHALLENGE, OpenSSL 1.0.0 or newer.
(Using CHALLENGE is not recommended for new deployments, so if you want to use a different TLS library,
feel free.)
* For ECDHE, OpenSSL 1.0.0 or newer is required. Solaris; and RHEL/Fedora and its derivatives such as CentOS
have removed support for ECC/ECDHE. You will need to compile your own OpenSSL on these systems.
* For ECDHE under OpenSSL, on Solaris and RHEL/Fedora (and its derivatives such as CentOS) you will
need to compile your own OpenSSL on these systems, as they have removed support for ECC/ECDHE.
Alternatively, consider using another library (see above).
# tips