Am 30.07.22 um 20:46 schrieb Jochen Keutel:
We did run into this issue because some special devices (e.G. Cisco Prime Collaboration Assurance) cannot connect to the new OpenLDAP server. The server logfile states: TLS handshake: negotiation failure. It's not yet clear whether they really can "speak" only Camellia ...
it's called "openssl security level". Debian 11 defaults to seclevel=2, camellia cipher are available in the seclevel=1 $ grep PRETTY_NAME /etc/os-release PRETTY_NAME="Debian GNU/Linux 11 (bullseye)" $ openssl ciphers -v | grep -i camellia | wc -l 0 $ openssl ciphers -v 'ALL;@SECLEVEL=1' | grep -i camellia | wc -l 28 Andreas
