On Thursday, 6 August 2020 21:24:32 CEST, Patrick Mooc wrote:
Thank you Ben for your answer.
I had a look today for this point, but I didin't found anything
about extension in the OpenSSL version I use (0.9.8).
Maybe I have to modify OpenSSL configuration file
(openssl.conf) and compile OpenSSL again. I will check this
tomorrow.
changing configuration file won't affect behaviour of OpenSSL in your
situation
I don't remember if this was behaviour for 0.9.8, but IIRC 1.0.1 would send
SSLv2 compatible Client Hello only if there were any SSLv2 compatible
ciphers
try explicitly disabling RC4-MD5 cipher, that may help
Best Regards,
Le 05/08/2020 à 22:46, Benjamin Kaduk a écrit :
On Wed, Aug 05, 2020 at 10:28:26PM +0200, Patrick Mooc wrote: ...
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
