On 21/08/24 14:49, Kirill A. Korinsky wrote: > On Wed, 21 Aug 2024 14:32:34 +0200, > David McMackins II <cont...@mcmackins.org> wrote: >> rsae_send_imsg: privenc poll timeout, keyop #0 >> relay gemini, session 1 (1 active), 0, 192.168.1.1 -> :11965, TLS >> handshake error: handshake failed: error:1402D438:SSL >> routines:ACCEPT_SW_CERT:tlsv1 alert internal error: Invalid argument >> relay_dispatch_ca: privenc result after timeout >> > TLSv1 and TSLv1.1 are disabled by default, and you must enable them to use > them; see man for relayd.conf.
not just disabled, in july 2023 tls 1.0 and 1.1 were completely removed from libtls, and very shortly later also from libssl. (plus the Gemini specification actually requires tls 1.2 or 1.3)
