(ssl-listen (port <exact>) #!optional ((backlog <exact>) 4) ((hostname <string>) #f) ((ctx <ssl-client-context-or-symbol-or-pair>) 'tls)) => <ssl-listener> (procedure)

This procedure exists mainly for backwards compatibility. Consider using ssl-listen* instead, which uses better default settings.

Like tcp-listen, but the result is an SSL listener. The extra optional ctx argument is as for ssl-connect.

The default protocol is 'tls, which ensures maximum compatibility with clients. Note, however, that this choice is not particularly secure. Vulnerabilities affecting only the legacy protocols can be avoided by explicitly requesting the 'tlsv12 protocol, provided every client that will connect to the server supports it.

Call ssl-load-certificate-chain! and ssl-load-private-key! to avoid a "no shared cipher" error on accepting connections.
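
The two points above combined, as an added example that is not part of the egg's own documentation: a listener created with 'tlsv12 instead of the default 'tls, with the certificate chain and private key loaded before the first accept. It assumes CHICKEN 5 import syntax; port 8443, the file names server.pem and server.key, and the helper names make-tls12-listener and serve-one are placeholders chosen for illustration.

```scheme
;; Added example. Assumes CHICKEN 5 and the openssl egg.
;; Port, file names and helper names are illustrative placeholders.
(import openssl (chicken io))

;; Create a listener that requests 'tlsv12 explicitly rather than
;; relying on the compatibility-oriented default 'tls.
(define (make-tls12-listener port cert-file key-file)
  ;; backlog 4 and hostname #f are the documented defaults; they are
  ;; spelled out only because ctx is the last optional argument.
  (let ((listener (ssl-listen port 4 #f 'tlsv12)))
    ;; Load the server credentials before accepting. Without them,
    ;; accepting a connection fails with "no shared cipher".
    (ssl-load-certificate-chain! listener cert-file)
    (ssl-load-private-key! listener key-file)
    listener))

;; Accept a single connection, read one line and answer it.
(define (serve-one listener)
  (let-values (((in out) (ssl-accept listener)))
    (let ((request (read-line in)))
      (write-line "hello from a TLS 1.2 listener" out)
      (close-output-port out)
      (close-input-port in)
      request)))

(let ((listener (make-tls12-listener 8443 "server.pem" "server.key")))
  (print "client sent: " (serve-one listener))
  (ssl-close listener))
```

A client that cannot negotiate the requested protocol fails the handshake during ssl-accept, which is the trade-off the compatibility note above describes.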