openssl 1.1.1g: Allow usage of insecure client certs

Question

I need to connect to an old server so I had to lower default security level to DEFAULT@SECLEVEL=1 & MinProtocol = TLSv1.0 (as per openssl: Allow usage of insecure client certs). That used to work as expected but is not working anymore recently.

I'm running openssl 1.1.1g and I'm getting SSL routines:tls_process_ske_dhe:dh key too small when connecting to this old server whatsoever...

I can access the server using firefox once I toggle security.ssl3.dhe_rsa_aes_128_sha in about:config

Has there been changes which will prevent that from working now?

I forgot to mention that I can access the server using firefox once I toggle security.ssl3.dhe_rsa_aes_128_sha in about:config — alxgomz, May 05 '20 at 13:47

score 0 · Answer 1 · answered May 05 '20 at 16:08

0

Please disregard, I fixed my problem and it had nothing to do with openssl update or config... PEBKAC

answered May 05 '20 at 16:08

alxgomz

1,630
1
11
14

openssl 1.1.1g: Allow usage of insecure client certs

1 Answers1