--On Thursday, November 14, 2019 11:17 AM +0800 莫亚男 nanmor@126.com wrote:
Hi Quanah,
Sorry for reply so late. We download the package and self-built. we used below commands: env CPPFLAGS=-I/usr/local/src/openssl-1.1.1/include LDFLAGS=-L/usr/local/ssl/lib ./configure make depend make make install
Hi Nancy,
Please keep replies on the technical list. Which OpenSSL 1.1.1 release are you linking to?
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Hi Quana, Here is the openssl version information:
openssl version -a OpenSSL 1.1.1 11 Sep 2018 built on: Fri Sep 21 06:40:15 2018 UTC platform: linux-x86_64
Thanks &Best Regards, Nancy
At 2019-11-15 00:27:18, "Quanah Gibson-Mount" quanah@symas.com wrote:
--On Thursday, November 14, 2019 11:17 AM +0800 莫亚男 nanmor@126.com wrote:
Hi Quanah,
Sorry for reply so late. We download the package and self-built. we used below commands: env CPPFLAGS=-I/usr/local/src/openssl-1.1.1/include LDFLAGS=-L/usr/local/ssl/lib ./configure make depend make make install
Hi Nancy,
Please keep replies on the technical list. Which OpenSSL 1.1.1 release are you linking to?
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
--On Friday, November 15, 2019 10:09 PM +0800 莫亚男 nanmor@126.com wrote:
Hi Quana, Here is the openssl version information:
Hi Nancy,
"TLSv1.3" does not seem to be a valid cipher suite specifier with OpenSSL, which is likely why this doesn't work.
For example:
openssl ciphers MEDIUM TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:ADH-SEED-SHA:SEED-SHA
vs
openssl ciphers TLSv1.3 Error in cipher list
vs
openssl ciphers TLSv1 TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AECDH-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AECDH-AES128-SHA:ECDHE-ECDSA-NULL-SHA:ECDHE-RSA-NULL-SHA:AECDH-NULL-SHA:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-CAMELLIA256-SHA384:RSA-PSK-CAMELLIA256-SHA384:DHE-PSK-CAMELLIA256-SHA384:PSK-AES256-CBC-SHA384:PSK-CAMELLIA256-SHA384:ECDHE-PSK-AES12 8-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-CAMELLIA128-SHA256:RSA-PSK-CAMELLIA128-SHA256:DHE-PSK-CAMELLIA128-SHA256:PSK-AES128-CBC-SHA256:PSK-CAMELLIA128-SHA256:ECDHE-PSK-NULL-SHA384:ECDHE-PSK-NULL-SHA256:ECDHE-PSK-NULL-SHA:RSA-PSK-NULL-SHA384:RSA-PSK-NULL-SHA256:DHE-PSK-NULL-SHA384:DHE-PSK-NULL-SHA256:PSK-NULL-SHA384:PSK-NULL-SHA256
etc.
I would suggest using valid values in your configuration.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org
-
Quanah Gibson-Mount -
莫亚男