diff -up sblim-wbemcli-1.6.2/CimCurl.cpp.orig sblim-wbemcli-1.6.2/CimCurl.cpp
--- sblim-wbemcli-1.6.2/CimCurl.cpp.orig	2009-03-04 20:10:54.000000000 +0100
+++ sblim-wbemcli-1.6.2/CimCurl.cpp	2016-03-07 10:07:29.766255023 +0100
@@ -165,8 +165,28 @@ void CimomCurl::genRequest(URL &url, con
     rv = curl_easy_setopt(mHandle, CURLOPT_SSL_VERIFYHOST, 0);
     //    rv = curl_easy_setopt(mHandle, CURLOPT_SSL_VERIFYPEER, 0);
     
-    /* Force using SSL V3 */
-    rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, 3);    
+    /* Force use of a specific SSL/TLS version */
+    char * curlSslVer = getenv("WBEMCLI_CURL_SSLVERSION");
+    if (curlSslVer) {
+      if (!strcasecmp(curlSslVer,"SSLv2"))
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv2);
+      else if (!strcasecmp(curlSslVer,"SSLv3"))
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
+      else if (!strcasecmp(curlSslVer,"TLSv1"))
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
+      else if (!strcasecmp(curlSslVer,"TLSv1.0") || !strcasecmp(curlSslVer,"TLSv1_0"))
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
+      else if (!strcasecmp(curlSslVer,"TLSv1.1") || !strcasecmp(curlSslVer,"TLSv1_1"))
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);
+      else if (!strcasecmp(curlSslVer,"TLSv1.2") || !strcasecmp(curlSslVer,"TLSv1_2"))
+        rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
+      else
+        throw URLException("unknown WBEMCLI_CURL_SSLVERSION");
+    }
+
+    if (rv != CURLE_OK) {
+        throw URLException("unsupported WBEMCLI_CURL_SSLVERSION in this curl library");
+    }
 
     /* Set username and password */
     if (url.user.length() > 0 && url.password.length() > 0) {
diff -up sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in.orig sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in
--- sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in.orig	2009-06-20 01:10:57.000000000 +0200
+++ sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in	2016-03-07 10:07:29.766255023 +0100
@@ -554,6 +554,14 @@ The example in the previous section can
 	wbemcli gi 'myCimom/root/cimv2:rpm_package.name="glibc"'
 .PP
 
+.SH ENVIRONMENT
+.TP
+.B WBEMCLI_CURL_SSLVERSION
+Specifies the SSL protocol that will be used.
+Valid values are SSLv2, SSLv3, TLSv1, TLSv1.0 (TLSv1_0), TLSv1.1 (TLSv1_1)
+or TLSv1.2 (TLSv1_2).
+If this variable is not set, wbemcli will attempt to figure out the
+remote SSL protocol version.
 .SH FILES
 .TP
 .I @CACERT@