This change makes NativeTLS the default build mode for OSX binaries. See PM-305 for a full list of the changes this represents including:
- (/)Support for TLS 1.1 and 1.2 (
- Support for Security Keychain and System CA (
DOCS-11426) Remove of some OpenSSL specific esoteric functionality.
- Backwards Breaking Change: Encrypted PEM files are not supported on Apple (lacks ability to decode PEMs encrypted with AES) and Windows (no support at all) (
- Current Plan Of Record is to advise customers to use certificate selectors as more secure alternative
- On macOS, sslCRLFile is not supported.
Change the macOS SSL and Enterprise builds to use "--ssl-provider=native".
Create an OpenSSL daily build variant to ensure it continues to work.