Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 15 Apr 2020 00:39:34 +0200
From:      Matthias Andree <matthias.andree@gmx.de>
To:        freebsd-ports@freebsd.org
Subject:   Re: openssl problem after 11 -> 12
Message-ID:  <f55ce991-eae5-6f2c-81c1-fd12467464da@gmx.de>
In-Reply-To: <1e35fefe-b8a8-0dc5-5b4a-adf205ff4263@nethead.se>
References:  <1b820dcf-34ad-b7af-d25c-ea337f9376b2@nethead.se> <20200414150819.zpo7znhwipg65fsm@aching.in.mat.cc> <1232ac82-24c4-66e7-cdf6-db72fb769ed9@nethead.se> <1e35fefe-b8a8-0dc5-5b4a-adf205ff4263@nethead.se>

next in thread | previous in thread | raw e-mail | index | archive | help

> Finally managed to figure it out, you need to tell the perl script
> exactly what cipher to use, so I added to 'check_ilo2_health.pl':
> --sslopts 'SSL_verify_mode => SSL_VERIFY_NONE, SSL_version =>
> "TLSv1_1", SSL_cipher_list => "EDH-RSA-DES-CBC3-SHA"'
>
> Works with openssl from ports.

But "SSL_VERIFY_NONE" should be unrelated to the versioning/cipher issues.
If you need SSL_VERIFY_NONE, then the certificate and/or chains and/or
trusts are not configured properly.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f55ce991-eae5-6f2c-81c1-fd12467464da>