OpenSSL compliance with Linux distributions

Viktor Dukhovni openssl-users at
Tue Aug 11 01:19:06 UTC 2020

On Thu, Aug 06, 2020 at 09:24:32PM +0200, Patrick Mooc wrote:
> Thank you Ben for your answer.
> I had a look today for this point, but I didin't found anything about 
> extension in the OpenSSL version I use (0.9.8).

If I am mistaken, OpenSSL 0.9.8 shuld have support for the SNI
extension.  It also supports using SSL_CTX_set_options() to set the
SSL_OP_NO_SSLv2 option, which is likely the simplest way to ensure that
SSLv2 is not used.

These days one should probably also disable SSLv3 (via SSL_OP_NO_SSLv2),
but even with that, there are likely some unaddressed security defects
in OpenSSL 0.9.8 that make it unwise to continue using it in general.


More information about the openssl-users mailing list