I just made little test with HttpRequest and found that I could not connect to any of our secure servers.
SSLv3 was deprecated 15 years ago, and is now proven vulnerable to the poodle attack.
TcpSocket::SSLImp::Start() is hardcoded to use SSLv3:
In my case it works with TLSv1, TLSv1_1 and TLSv1_2.
Are there any plans on making the protocol selectable or not?
I can try to make a solution, adding a member variable like "SSL_METHOD *sslMethod;" and use it if it is not null otherwise fallback to current code.
Interestingly, I have hit the same issue too 14 days ago, so we are now using SSLv23_client_method/SSLv23_server_method, which according to docs should cover TLS methods as well and downgrade if not available.