SSL_OptionSet with SSL_ENABLE_EXTENDED_MASTER_SECRET will do the trick, but I'm not aware of a config file option for this.
NSS 3.48 enabled this by default, so if you're able to use a newer version, it should "just work". Thanks, Kevin On Thu, Mar 19, 2020 at 8:08 AM Brian Reichert <reich...@numachi.com> wrote: > On Thu, Mar 19, 2020 at 07:34:51AM -0700, Kevin Jacobs wrote: > > Brian, > > > > Can you try again with the "-G" option added to selfserv? > > That indeed does the trick! Thanks! > > Now, since I have your attentive eye, so you know if there's something > I need to do using mod_nss to enable this? > > > Thanks, > > Kevin > > -- > Brian Reichert <reich...@numachi.com> > BSD admin/developer at large > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto