https://bugzilla.redhat.com/show_bug.cgi?id=1532250 Petr Pisar <ppisar@xxxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ppisar@xxxxxxxxxx --- Comment #4 from Petr Pisar <ppisar@xxxxxxxxxx> --- (In reply to Paul Howarth from comment #1) > The problem here is that the target server doesn't support newer SSL > protocols/ciphers, and the ones it does support are below the standard > required by the system-wide crypto policy (see > https://fedoraproject.org/wiki/Changes/CryptoPolicy), which is implemented > in Fedora's perl-IO-Socket-SSL package (this is why your use of raw > Net::SSLeay works, and IO::Socket::SSL doesn't). > > I can make it work by changing the IO::Socket::SSL->new() invocation to this: > > my $cl = IO::Socket::SSL->new( > PeerHost => $ARGV[0], > PeerPort => 'https', > SSL_cipher_list => 'DES-CBC3-SHA' > ); > I'm not sure. "openssl s_client -connect www.halstead.com:443" works. And DES-CBC3-SHA has not yet been disabled in the global cryptopolicy <https://bugzilla.redhat.com/show_bug.cgi?id=1487607#c6>. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ perl-devel mailing list -- perl-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to perl-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
