The browsers will require SECLEVEL=2 from April 2020, the change in libraries has already landed.
You can override this via command-line, a system config file, or a local config file + environment variable pointing to it. On Ubuntu 20.04 LTS: man SSL_CTX_get_security_level.3ssl does have: -- Level 2 On Ubuntu, TLS versions below 1.2 are not permitted. NOTES The default security level can be configured when OpenSSL is compiled by setting -DOPENSSL_TLS_SECURITY_LEVEL=level. On Ubuntu, 2 is used. -- In addition to having TLSv1.2 min, DTLSv1.2 min, bigger keys ie 2048 bit RSA, we are still to land requirement to reject SHA1 signatures on certs. This is an intentional change. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864689 Title: openssl in 20.04 can't connect to site that was fine in 19.10 and is fine in Chrome and Firefox To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1864689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
