14 Dec
2023
14 Dec
'23
2:07 p.m.
Hi,
I'd like to re-enable TLS1.1 (at least temporary) to see if it fixes a problem with one of my clients.
When I add "ssl_min_protocol = TLSv1.1" to either dovecot.conf or conf.d/10-ssl.conf it doesn't seem to have an effect.
Still the client is not working. I used testssl.sh to check the available ssl versions and it says that tls1.1 is not offered:
$ ./testssl.sh --starttls imap SERVERNAME.TLD:143 ... Service set: STARTTLS via IMAP
Testing protocols via sockets
SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 not offered TLS 1.1 not offered TLS 1.2 offered (OK) TLS 1.3 offered (OK): final
Kind regards, Nils