Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 15 Apr 2020 07:55:24 +0200
From:      Per olof Ljungmark <peo@nethead.se>
To:        freebsd-ports@freebsd.org
Subject:   Re: openssl problem after 11 -> 12
Message-ID:  <397b4653-3570-90ee-1960-c4d24f921df1@nethead.se>
In-Reply-To: <f55ce991-eae5-6f2c-81c1-fd12467464da@gmx.de>
References:  <1b820dcf-34ad-b7af-d25c-ea337f9376b2@nethead.se> <20200414150819.zpo7znhwipg65fsm@aching.in.mat.cc> <1232ac82-24c4-66e7-cdf6-db72fb769ed9@nethead.se> <1e35fefe-b8a8-0dc5-5b4a-adf205ff4263@nethead.se> <f55ce991-eae5-6f2c-81c1-fd12467464da@gmx.de>

next in thread | previous in thread | raw e-mail | index | archive | help
On 2020-04-15 00:39, Matthias Andree wrote:
> 
>> Finally managed to figure it out, you need to tell the perl script
>> exactly what cipher to use, so I added to 'check_ilo2_health.pl':
>> --sslopts 'SSL_verify_mode => SSL_VERIFY_NONE, SSL_version =>
>> "TLSv1_1", SSL_cipher_list => "EDH-RSA-DES-CBC3-SHA"'
>>
>> Works with openssl from ports.
> 
> But "SSL_VERIFY_NONE" should be unrelated to the versioning/cipher issues.
> If you need SSL_VERIFY_NONE, then the certificate and/or chains and/or
> trusts are not configured properly.
> 

Yes, it is unrelated, the server certs are self-signed.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?397b4653-3570-90ee-1960-c4d24f921df1>