[Pkg-openssl-devel] Bug#912864: Bug#912864: openssl: new version of openssl breaks some openvpn clients
Kurt Roeckx
kurt at roeckx.be
Sun Nov 4 20:10:42 GMT 2018
On Sun, Nov 04, 2018 at 11:39:59AM -0800, James Bottomley wrote:
> >
> > On which side do you use tls-version-min?
>
> client
>
> > Can you please give the version of both openvpn and openssl on both
> > sides.
>
> Client is openwrt, server is debian testing. The package of the server
> was already provided in the bug report, but again it's
>
> openssl 1.1.1-2
> openvpn 2.4.6-1
>
> Packages on the openwrt client are
>
> libopenssl 1.0.2g-1
> openvpn-openssl 2.3.6-5
So you're saying that even with tls-version-min 1.0 on your
client side and with openssl.cnf changed on the server it's still
not working? Either of those changes should be enough to get it
working as far as I understand.
I have almost the reverse in my setup, where the server is 2.3.4
and the client runs testing. On the server I've set the
tls-version-min 1.0 and everything works for me.
I will try to look at this in a few days.
Kurt
More information about the Pkg-openssl-devel
mailing list