Re: How to enable TLS 1.3?

‐‐‐ Original Message ‐‐‐ On Thursday 30. April 2020 kl. 16:38, Kevin Chadwick wrote: > On 2020-04-30 13:55, Chad Hoolie wrote: > > > Any idea about relayd though? I don't see any mentioning of 1.3 in man > > relayd.conf: > > I'm not a dev but tls1.3 dropped

Re: rc.d: Webserver is removing daemonization - now what?

Thank you Marcus, and the rest of you :) --Chad Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Sunday 3. May 2020 kl. 16:53, Marcus MERIGHI wrote: > chad.hoo...@protonmail.com (Chad Hoolie), 2020.05.03 (Sun) 15:43 (CEST): > > > So the folks over at

rc.d: Why is it reindenting my startup scripts?

Hello, Noticed my startup scripts are being reindented from 2 spaces to 4 whenever I run rcctl, just wondering what the point of that was? Thanks! --Chad Sent with ProtonMail Secure Email.

rc.d: Webserver is removing daemonization - now what?

Hi, So the folks over at my webserver is removing its daemonization feature, telling its users to use systemd/upstart/a process supervisor instead. But what does this mean to my webserver's startup script in /etc/rc.d, isn't it dependent on the webserver's ability to daemonize? Pretty sure I

Re: relayd: Why doesn't "tls keypair" look for the fullchain certificate?

Hello, Great idea - thanks a bunch! --Chad ‐‐‐ Original Message ‐‐‐ On Thursday 30. April 2020 kl. 19:07, Anthony J. Bentley wrote: > Chad Hoolie writes: > > > Why does "tls keypair" in relayd.conf look for the regular and not the > > fullchain certificat

Re: How to enable TLS 1.3?

quick look through the relayd source, but from what I saw > there's no TLS1.3 support there. > > On 4/30/20 3:55 PM, Chad Hoolie wrote: > > > Any idea about relayd though? I don't see any mentioning of 1.3 in man > > relayd.conf: > > tls > > no tlsv1.2 >

Re: How to enable TLS 1.3?

‐‐‐ On Thursday, April 30, 2020 3:04 PM, Martijn van Duren wrote: > On 4/30/20 1:19 PM, Chad Hoolie wrote: > > > Hello, > > I'm using httpd with acme-client and Let's Encrypt > > (https://www.romanzolotarev.com/openbsd/acme-client.html). > > This setup, however,

relayd: Why doesn't "tls keypair" look for the fullchain certificate?

Hi, Why does "tls keypair" in relayd.conf look for the regular and not the fullchain certificate? Thus, forcing users who want an A+ certificate to spend hours searching the web for this hack? cd /etc/ssl doas mv foobar.com.crt foobar.com.crt.bak doas ln -s foobar.com.fullchain.pem

How to enable TLS 1.3?

Hello, I'm using httpd with acme-client and Let's Encrypt (https://www.romanzolotarev.com/openbsd/acme-client.html). This setup, however, only seems to support TLS 1.2, whereas TLS 1.3 is needed to achieve A+ ratings across the board. Anybody know how to make the upgrade? --Chad