-TLS requires kTLS, ie., Linux >= 4.13 with CONFIG_TLS enabled. Only cipher
-suites supported by kTLS is supposed, ie., AES-128-GCM (if no such cipher
-suite is available, the connection will be aborted). If the server is restarted
-before the key exchange for a connection is completed, that connection will
-not survive the restart, unlike all other connections. (This is a TLSe
-limitation.) You can have different certificates on different ports (and
-have separate ports for TLS and non-TLS), but SNI is not yet supported.
+TLS requires kTLS for both send and receive, ie., Linux >= 4.17 with CONFIG_TLS
+enabled. Only cipher suites supported by kTLS is supposed, ie., AES-128-GCM
+(if no such cipher suite is available, the connection will be aborted). If the
+server is restarted before the key exchange for a connection is completed,
+that connection will not survive the restart, unlike all other connections.
+(This is a TLSe limitation.) You can have different certificates on different
+ports (and have separate ports for TLS and non-TLS), but SNI is not yet
+supported.