On Wed, Apr 12, 2017 at 5:22 PM, Kenway Ng <[email protected]> wrote:
> > I am trying to upgrade our version of stunnel. Our SME left and now I am > trying to upgrade stunnel to fix a vulnerability . I am being told to use > TLS1.1 or higher > > $ ./stunnel -version > > stunnel 4.15 on x86_64-redhat-linux-gnu with OpenSSL 0.9.8e-fips-rhel5 01 > Jul 2008 > > Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP > > > I don't have RHEL5 64-bit but these links may help: https://miteshshah.github.io/linux/centos/how-to-enable-openssl-1-0-2-a-tlsv1-1-and-tlsv1-2-on-centos-5-and-rhel5/ http://serverfault.com/questions/296765/cannot-find-ssl-libraries-when-configuring-stunnel These links involve re-compiling OpenSSL and Stunnel, in that order. I would opt for OpenSSL 1.0.2k (latest as of 20170412) since 1.0.1 and below are all EOL as of 12/31/2016. OpenSSL 0.9.8 supports only TLS v1.0, whereas OpenSSL 1.0.1 supports TLS v1.0, v1.1 and v1.2. -Rob
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
