[Pkg-openssl-devel] Bug#907049: Bug#907049: openssl: Update to 1.1.1~~pre9-1 makes certain programs unusable
Samuel Hym
samuel.hym+bugs at rustyne.lautre.net
Sat Aug 25 13:49:12 BST 2018
Hi Kurt,
Le 23 août 2018 à 22h20, Kurt Roeckx disait :
> On Thu, Aug 23, 2018 at 02:54:36PM +0200, Antonin Kral wrote:
> > Thu Aug 23 14:46:07 2018 OpenSSL: error:1425F18C:SSL routines:ssl_choose_client_version:version too low
> > Thu Aug 23 14:46:07 2018 TLS_ERROR: BIO read tls_read_plaintext error
> > Thu Aug 23 14:46:07 2018 TLS Error: TLS object -> incoming plaintext read error
> > Thu Aug 23 14:46:07 2018 TLS Error: TLS handshake failed
I have the same issue.
> This is most likely caused by this in /etc/ssl/openssl.cnf:
> [system_default_sect]
> MinProtocol = TLSv1.2
> CipherString = DEFAULT at SECLEVEL=2
>
> Does openvpn use DTLS?
I don’t know about that but…
> Can you try with:
> MinProtocol = TLSv1
>
> And with:
> #MinProtocol = TLSv1.2
Both options work in my case.
So I leave the first enabled, I guess it is a bit more secure than
commenting it out.
Thank you very much!
Samuel
More information about the Pkg-openssl-devel
mailing list