Re-Enabling TLS1.1 in dovecot 2.3.16
Hi,
I'd like to re-enable TLS1.1 (at least temporary) to see if it fixes a problem with one of my clients.
When I add "ssl_min_protocol = TLSv1.1" to either dovecot.conf or conf.d/10-ssl.conf it doesn't seem to have an effect.
Still the client is not working. I used testssl.sh to check the available ssl versions and it says that tls1.1 is not offered:
$ ./testssl.sh --starttls imap SERVERNAME.TLD:143 ... Service set: STARTTLS via IMAP
Testing protocols via sockets
SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 not offered TLS 1.1 not offered TLS 1.2 offered (OK) TLS 1.3 offered (OK): final
Kind regards, Nils
14.12.2023 16:07, Nils пишет:
Hi,
I'd like to re-enable TLS1.1 (at least temporary) to see if it fixes a problem with one of my clients.
When I add "ssl_min_protocol = TLSv1.1" to either dovecot.conf or conf.d/10-ssl.conf it doesn't seem to have an effect.
Still the client is not working. I used testssl.sh to check the available ssl versions and it says that tls1.1 is not offered:
I guess you need to alter |openssl.cnf|
| |
| |
14.12.2023 16:07, Nils пишет: Hi,
I'd like to re-enable TLS1.1 (at least temporary) to see if it fixes
a problem with one of my clients.
When I add "ssl_min_protocol = TLSv1.1" to either dovecot.conf or
conf.d/10-ssl.conf it doesn't seem to have an effect.
Still the client is not working. I used testssl.sh to check the
available ssl versions and it says that tls1.1 is not offered:I guess you need to alter openssl.cnf
participants (2)
-
Dmitry Melekhov
-
Nils