Yeah, you need to add the @SECLEVEL=0 in the cipher string to set the security level to 0. That is needed to allow SHA1 in signatures which is required for these TLS versions. Tomas Mraz On Thu, 2022-02-03 at 17:36 +1100, pauli@xxxxxxxxxxx wrote: > It does support both. I think a configuration time option might be > required and neither is supported by the FIPS provider. > > Paul Dale > > > On 3/2/22 4:32 pm, Srinivas, Saketh (c) wrote: > > > > > Hi, > > > > Does openssl 3.0 still support TLSv 1.0 and TLSv1.1. or they are > > deprecated, because there were some deprecations like sha1 etc. > > > > Thanks, > > Saketh. > > > > > > > > Notice: This e-mail together with any attachments may contain > > information of Ribbon Communications Inc. and its Affiliates that > > is > > confidential and/or proprietary for the sole use of the intended > > recipient. Any review, disclosure, reliance or distribution by > > others > > or forwarding without express permission is strictly prohibited. If > > you are not the intended recipient, please notify the sender > > immediately and then delete all copies, including any attachments. > > -- Tomáš Mráz, OpenSSL
