tech-pkg archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: mysql SSL regression with OpenSSL 1.0.1p
Joerg Sonnenberger <joerg%britannica.bec.de@localhost> wrote:
> > With recent OpenSSL upgrade, DH parameters below 1024 bits are now
> > refused. MySQL hardcodes 512 bits DH parameters and will therefore fail
> > to run SSL connexions with OpenSSL 1.0.1p
> Similar issues might apply to sendmail, just FYI.
I just gave it a try and it works fine with sendmail from pkgsrc-2015Q1
openssl s_client -cipher DHE-RSA-AES256-SHA -connect host:465
And sendmail supports ECDH, which would make loss of DH less an issue.
--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu%netbsd.org@localhost
Home |
Main Index |
Thread Index |
Old Index