On Tue, Sep 12, 2023 at 09:25:54AM +0200, Camille - Clean Mailbox via mailop wrote: > Hi, > > I didn't changed anything in Postfix configuration. But yes, over the last > months, we upgraded from Debian 11 (OpenSSL 1.1.1n) to Debian 12 (OpenSSL > 3.0.9). > I don't see anything in openssl.cnf that could restrict something, if you > have any idea.
I had a maybe similar issue after upgrading to Ubuntu 22.04. It could be resolved with https://discourse.ubuntu.com/t/default-to-tls-v1-2-in-all-tls-libraries-in-20-04-lts/12464/8 We have internal servers with TLS1.0 only which aren't reachable. :( You can restrict the "security level" downgrade to a specific service if the OpenSSL configuration is set via a environment variable, pointing to a specific OpenSSL configuration file. Johann _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
