Re: [exim] Exim 4.92-RC1

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Evgeniy Berdnikov
Date:  
À: exim-users
Sujet: Re: [exim] Exim 4.92-RC1
On Fri, Dec 14, 2018 at 05:18:44PM +0100, Torsten Tributh via Exim-users wrote:
> I tested under Debian Buster (actual testing version)
> with openssl. After the installation I lost the possibility to serve TLS
> to TLS1.0 and TLS1.1 Clients.
>
> Debian buster runs with openssl 1.1.1 and a new TLS security setting.
>
> In /etc/ssl/openssl.cnf we find
>
> CipherString = DEFAULT@SECLEVEL=2
>
> Of course there could be just a change to SECLEVEL=1 or SECLEVEL=0,


Do not touch it. In [system_default_sect] of openssl.cnf there should be
line "MinProtocol = TLSv1.2" (debian-specific system restriction),
just change it to allow lower TLS version.
--
Eugene Berdnikov