With the config option list approach, I'm not sure how we would try the sequence of listed options to settle on. Does wrap_socket raise if a ssl_version is not supported? If so, then we would try calling wrap_socket with each ssl_version, trying the next version if the previous one fails, and falling through to the default after exhausting the options.
Thanks for the clarification.
With the config option list approach, I'm not sure how we would try the sequence of listed options to settle on. Does wrap_socket raise if a ssl_version is not supported? If so, then we would try calling wrap_socket with each ssl_version, trying the next version if the previous one fails, and falling through to the default after exhausting the options.