Hi Lukas,
>
> FYI OpenSSL did a 180 on this, they are implemented a new API call to
> set TLSv1.3 ciphers and enable them by default:
>
> https://github.com/mattcaswell/openssl/commit/d93e832a82087a5f9bcf7d93ed7ae21bc6c1fed0
>
>
Hello Emeric,
On 12 January 2018 at 15:57, Emeric Brun wrote:
> Hi All,
>
> FYI: upgrading to next openssl-1.1.1 could break your prod if you're using a
> forced cipher list because
> handshake will fail regardless the tls protocol version if you don't specify
> a cipher
Hello,
On 13 January 2018 at 20:57, Pavlos Parissis wrote:
> On 13/01/2018 04:22 μμ, Lukas Tribus wrote:
>> Hello,
>>
>>
>> On 13 January 2018 at 15:17, Pavlos Parissis
>> wrote:
Not exactly, the moment you force a cipher list that
On 13/01/2018 04:22 μμ, Lukas Tribus wrote:
> Hello,
>
>
> On 13 January 2018 at 15:17, Pavlos Parissis
> wrote:
>>> Not exactly, the moment you force a cipher list that does not include a
>>> TLSv1.3 cipher in the server side (which has TLSv1.3 enabled) the TLS
>>>
Hello,
On 13 January 2018 at 15:17, Pavlos Parissis wrote:
>> Not exactly, the moment you force a cipher list that does not include a
>> TLSv1.3 cipher in the server side (which has TLSv1.3 enabled) the TLS
>> handshake will break regardless of what is in the Client
On 13/01/2018 01:22 μμ, Moemen MHEDHBI wrote:
> HI Pavlos,
>
>
> On 12/01/2018 22:53, Pavlos Parissis wrote:
>> On 12/01/2018 03:57 μμ, Emeric Brun wrote:
>>> Hi All,
>>>
>>> FYI: upgrading to next openssl-1.1.1 could break your prod if you're using
>>> a forced cipher list because
>>>
HI Pavlos,
On 12/01/2018 22:53, Pavlos Parissis wrote:
> On 12/01/2018 03:57 μμ, Emeric Brun wrote:
>> Hi All,
>>
>> FYI: upgrading to next openssl-1.1.1 could break your prod if you're using a
>> forced cipher list because
>> handshake will fail regardless the tls protocol version if you don't
2, 2018 4:55 PM
To: Emeric Brun; haproxy@formilux.org
Subject: Re: Warning: upgrading to openssl master+ enable_tls1_3 (coming
v1.1.1) could break handshakes for all protocol versions .
On 12/01/2018 03:57 μμ, Emeric Brun wrote:
> Hi All,
>
> FYI: upgrading to next openssl-1.1.1
On 12/01/2018 03:57 μμ, Emeric Brun wrote:
> Hi All,
>
> FYI: upgrading to next openssl-1.1.1 could break your prod if you're using a
> forced cipher list because
> handshake will fail regardless the tls protocol version if you don't specify
> a cipher valid for TLSv1.3
> in your cipher list.
>
Hi All,
FYI: upgrading to next openssl-1.1.1 could break your prod if you're using a
forced cipher list because
handshake will fail regardless the tls protocol version if you don't specify a
cipher valid for TLSv1.3
in your cipher list.
https://github.com/openssl/openssl/issues/5057
10 matches
Mail list logo