On 1/29/20 8:05 PM, Bastian Blank wrote: > It seems like I found a workaround: hard disable TLS 1.3 in OpenSSL: > > /etc/ssl/openssl.conf: > | [system_default_sect] > | MinProtocol = TLSv1.2 > | MaxProtocol = TLSv1.2 > | CipherString = DEFAULT@SECLEVEL=2
Good to know. You'll need to downgrade the new defaults if you're monitoring ancient systems like lenny or RHEL5. Kind Regards, Bas -- GPG Key ID: 4096R/6750F10AE88D4AF1 Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
