These versions require SHA1 to operate. However, security bits for this
algorithm were downgraded due to the known weaknesses and collision attacks.
For that reason you have to use @SECLEVEL=0 in the cipher string or call
SSL_CTX_set_security_level() to make TLS-1.0 and 1.1 work.

https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_security_level.html

Regards,
Tomas Mraz, OpenSSL

On Fri, 2024-04-05 at 05:55 +0000, Yuko Doki (Fujitsu) via openssl-users wrote:
> Hello OpenSSL users' community,
> This is my first time posting.
>
> I am developing an application using the OpenSSL API library.
> And now I'm trying to migrate from OpenSSL 1.1.1 to 3.0.
>
> The application supports TLS protocol versions from TLSv1.0 to 1.3,
> but with OpenSSL 3.0, TLSv1.0 and TLSv1.1 resulted in a handshake
> error.
>
> The errors are as follows.
> [client side]
> error:0A000438:SSL routines::tlsv1 alert internal error
> [server side]
> error:0A000076:SSL routines::no suitable signature algorithm
>
> The TLS protocol version is set using the following functions.
> SSL_CTX_set_min_proto_version()
> SSL_CTX_set_max_proto_version()
> No cipher suite is set. (Automatically selected by OpenSSL.)
>
> This implementation worked fine with OpenSSL 1.1.1.
> Is OpenSSL 3.0 not supporting these protocol versions?
> I would appreciate any advice on how to use TLSv1.0 or TLSv1.1 with
> OpenSSL 3.0.
>
> In addition, the operating environment is as follows.
> OS: Red Hat Enterprise Linux release 9.3
> OpenSSL : OpenSSL 3.0.7 1 Nov 2022 (Library: OpenSSL 3.0.7 1 Nov 2022)
>
> Kind regards,
> Yuko Doki
>

--
Tomáš Mráz, OpenSSL