OpenSSL compliance with Linux distributions

Hubert Kario hkario at redhat.com
Fri Aug 7 16:18:16 UTC 2020


On Thursday, 6 August 2020 21:24:32 CEST, Patrick Mooc wrote:
> Thank you Ben for your answer.
>
> I had a look today for this point, but I didin't found anything 
> about extension in the OpenSSL version I use (0.9.8).
>
> Maybe I have to modify OpenSSL configuration file 
> (openssl.conf) and compile OpenSSL again. I will check this 
> tomorrow.

changing configuration file won't affect behaviour of OpenSSL in your
situation

I don't remember if this was behaviour for 0.9.8, but IIRC 1.0.1 would send
SSLv2 compatible Client Hello only if there were any SSLv2 compatible 
ciphers

try explicitly disabling RC4-MD5 cipher, that may help

> Best Regards,
>
>
> Le 05/08/2020 à 22:46, Benjamin Kaduk a écrit :
>> On Wed, Aug 05, 2020 at 10:28:26PM +0200, Patrick Mooc wrote: ...
>
>
>

-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00  Brno, Czech Republic



More information about the openssl-users mailing list