Date: Wed, 15 Apr 2020 07:55:24 +0200 From: Per olof Ljungmark <peo@nethead.se> To: freebsd-ports@freebsd.org Subject: Re: openssl problem after 11 -> 12 Message-ID: <397b4653-3570-90ee-1960-c4d24f921df1@nethead.se> In-Reply-To: <f55ce991-eae5-6f2c-81c1-fd12467464da@gmx.de> References: <1b820dcf-34ad-b7af-d25c-ea337f9376b2@nethead.se> <20200414150819.zpo7znhwipg65fsm@aching.in.mat.cc> <1232ac82-24c4-66e7-cdf6-db72fb769ed9@nethead.se> <1e35fefe-b8a8-0dc5-5b4a-adf205ff4263@nethead.se> <f55ce991-eae5-6f2c-81c1-fd12467464da@gmx.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2020-04-15 00:39, Matthias Andree wrote: > >> Finally managed to figure it out, you need to tell the perl script >> exactly what cipher to use, so I added to 'check_ilo2_health.pl': >> --sslopts 'SSL_verify_mode => SSL_VERIFY_NONE, SSL_version => >> "TLSv1_1", SSL_cipher_list => "EDH-RSA-DES-CBC3-SHA"' >> >> Works with openssl from ports. > > But "SSL_VERIFY_NONE" should be unrelated to the versioning/cipher issues. > If you need SSL_VERIFY_NONE, then the certificate and/or chains and/or > trusts are not configured properly. > Yes, it is unrelated, the server certs are self-signed.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?397b4653-3570-90ee-1960-c4d24f921df1>