On Thu, Mar 17, 2022 at 2:30 AM Dimitri Papadopoulos <dimitri.papadopou...@cea.fr> wrote: > One could re-enable TLS < 1.2, but it's always the same story: I don't > want to do that for a whole system, just for specific (client) software.
Agreed. I've got a (work-in-progress) MR which adds additional warning messages for these OpenSSL version, and suggests the use of `--allow-insecure-crypto` which sets the OpenSSL security level to ZERO just for OpenConnect: https://gitlab.com/openconnect/openconnect/-/merge_requests/346 Would be great to include some of your proposed documentation updates in this as well. Dan Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
