On June 8, 2018 at 12:45AM +0800, jidanni (at jidanni.org) wrote:
> $ w3m -dump https://wiki.debconf.org
> SSL error: error:1414D172:SSL routines:tls12_check_peer_sigalg:wrong 
> signature type
>
> Workaround:
>      Downgrade the following packages:
> 1)     openssl [1.1.1~~pre7-1 (experimental, now) -> 1.1.0h-4 (unstable)]

Hmm, the problem is caused becase of the SHA-1 signature, intentionally
rejected by openssl SECLEVEL 2, now default in sid.

Workaround:
  - Downgrade SECLEVEL from 2 to 1 in /etc/ssl/openssl.cnf

cf. https://wiki.debian.org/ContinuousIntegration/TriagingTips/openssl-1.1.1

Thanks,
--
Tatsuya Kinoshita

Attachment: pgpBLG8TNdLiQ.pgp
Description: PGP signature

Reply via email to