I have tested 1.8.8-1ubuntu0.6 (bionic) with our existing configuration, and I cannot find anything wrong it.
We use the default 1024 bit DH-parameters, and override it with better parameters for some of our frontends using parameters specified directly in the certificate file (concatenated). testssl.sh and ssllabs report only expected changes (TLSv1.3). No configuration change was needed. Thank you! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1841936 Title: Rebuild openssl 1.1.1 to pickup TLSv1.3 (bionic) and unbreak existing builds against 1.1.1 (dh key size) To manage notifications about this bug go to: https://bugs.launchpad.net/haproxy/+bug/1841936/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
