On Fri, Dec 14, 2018 at 05:18:44PM +0100, Torsten Tributh via Exim-users wrote: > I tested under Debian Buster (actual testing version) > with openssl. After the installation I lost the possibility to serve TLS > to TLS1.0 and TLS1.1 Clients. > > Debian buster runs with openssl 1.1.1 and a new TLS security setting. > > In /etc/ssl/openssl.cnf we find > > CipherString = DEFAULT@SECLEVEL=2 > > Of course there could be just a change to SECLEVEL=1 or SECLEVEL=0,
Do not touch it. In [system_default_sect] of openssl.cnf there should be line "MinProtocol = TLSv1.2" (debian-specific system restriction), just change it to allow lower TLS version. -- Eugene Berdnikov -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
