You need to change your server config (however it is done), so that it gets
@SECLEVEL=0 into the cipher string. See the ciphers manpage for description of
security levels.
You can also edit openssl source and rebuild/relink, but that shouldn’t be
necessary.
--
openssl-users mailing list
To
Hi everyone,
I'm upgrading a server application from using OpenSSL 1.0.2n to using
OpenSSL 1.1.0g.
I noticed that after the upgrade, some SSL certs get rejected because they
use an MD5 digest, with the error:
"SSL_CTX_use_certificate:ca md too weak"
While I could ask clients to get a better CA
