diff options
Diffstat (limited to 'README.SSL')
| -rw-r--r-- | README.SSL | 19 |
1 files changed, 13 insertions, 6 deletions
@@ -21,18 +21,25 @@ below and in the manual). fetchmail 6.4.0 will auto-negotiate TLSv1 or newer only. -Fetchmail 6.4.22 supports OpenSSL 3.0.0 and 1.1.1. +Fetchmail 6.4.25 supports OpenSSL 3.0 and 1.1.1 and WolfSSL 5.0. - -- Matthias Andree, 2021-09-09 +The configure options --with-wolfssl takes precedence over --with-ssl. + + -- Matthias Andree, 2021-11-20 Quickstart ---------- -Use an up-to-date release of OpenSSL v1.1.1 or v3.0.0 or newer, so as to get -TLSv1.3 support. Older OpenSSL versions are unsupported upstream, and -fetchmail rejects versions before v1.0.2f and warns about versions before -v1.1.1. +Use an up-to-date release of OpenSSL v1.1.1 or v3.0.0 or wolfSSL 5.0.0 or +newer, so as to get TLSv1.3 support. Older OpenSSL versions are unsupported +upstream, and fetchmail rejects versions before v1.0.2f and warns about +versions before v1.1.1. + +wolfSSL needs to be configured with --enable-opensslall --enable-harden, +else some required OpenSSL APIs are missing, especially for SNI (server name +indication), which is required to fetch mail from Google and some other mail +server providers. In all four examples below, the (--)sslcertck has become redundant since fetchmail v6.4.0, but since fetchmail 6.3 releases will be in circulation |