Date: Fri, 18 Dec 2015 17:55:19 +0100 From: Dan Lukes <dan@obluda.cz> To: freebsd-security <freebsd-security@freebsd.org> Subject: Re: [OpenSSL] /etc/ssl/cert.pem not honoured by default Message-ID: <56743A77.4080001@obluda.cz> In-Reply-To: <loom.20151218T164148-505@post.gmane.org> References: <loom.20151218T123930-865@post.gmane.org> <5673FB3B.2010201@freebsd.org> <loom.20151218T164148-505@post.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18.12.2015 16:47, rhi wrote: > Or is it recommended to let ports use the port OpenSSL, so that base OpenSSL > is only used for the system itself? On 9.x-R (still considered supported version) the base's OpenSSL is so old for today's SSL server. The best TLS version supported is 1.0 which is considered unacceptable old for some recent SSH clients. You have almost no choice but port's OpenSSL (if you wish to provide a SSL server, of course) here. Dan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56743A77.4080001>