Archiveopteryx offers to use TLS with all supported protocols. All clients that support TLS will normally use it with Archiveopteryx.
At the present time, Archiveopteryx never initiates connections, so it does not need to provide client-side TLS, certificate matching etc.
Archiveopteryx supports using the usual sort of certificate from a proper CA.
In addition, Archiveopteryx can generate a certificate for itself: If there is no configured certificate, Archiveopteryx silently generates a self-signed certificate at startup. While we don't think using self-signed certificates is a very good idea, it's much better than using plain text.
With TLS, the server offers a list of ciphers to the client, and the client chooses.
In case of questions, please write to firstname.lastname@example.org.
Last modified: 2010-11-19