Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSL 3 #286

Open
martinthomson opened this issue Mar 9, 2023 · 2 comments
Open

OpenSSL 3 #286

martinthomson opened this issue Mar 9, 2023 · 2 comments

Comments

@martinthomson
Copy link
Member

This probably needs an update.
@gstrauss
Copy link

Follow-ups:
mozilla/ssl-config-generator#256
mozilla/ssl-config-generator#260

@janbrasna janbrasna mentioned this issue Oct 29, 2024
Closed
@gstrauss
Copy link

gstrauss commented Dec 7, 2024

mozilla/ssl-config-generator#256
Set SECLEVEL=0 in cipherstring for old output to allow TLSv1–v1.1 for OpenSSL 3.x
(SECLEVEL=1 would be needed for DH params 1024-bits which is lower than the 2048-bit minimum in default SECLEVEL=2)

mozilla/ssl-config-generator#281
Set the current version of OpenSSL in ssl-config-generator to OpenSSL 3.4.0, and marked versions earlier than 3.0.0 as EOL

mozilla/ssl-config-generator#284
Configured TLSv1.3 key exchange groups in ssl-config-generator where supported by server applications

If there are additional changes that you think should be made, please suggest them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@martinthomson @gstrauss