diff options
author | Arne Schwabe | 2017-06-26 13:13:26 +0200 |
---|---|---|
committer | Gert Doering | 2017-06-27 19:48:45 +0200 |
commit | 26345ba61b8d5bccb1331894ab6d1468e3b09adf (patch) | |
tree | 10a517471406dfd5abd978ced848a2f1f9f43ce7 /src/openvpn/crypto_backend.h | |
parent | 778aca3d251b6a563ffbabef95816fab863825e1 (diff) | |
download | openvpn-26345ba61b8d5bccb1331894ab6d1468e3b09adf.zip openvpn-26345ba61b8d5bccb1331894ab6d1468e3b09adf.tar.gz |
Set tls-cipher restriction before loading certificates
OpenSSL 1.1 does not allow MD5 signed certificates by default anymore.
This can be enabled again by settings tls-cipher "DEFAULT:@SECLEVEL=0" but
only if the cipher list is set before loading the certificates. This patch
changes the order of loading.
Acked-by: Christian Hesse <list@eworm.de>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1498475606-8337-1-git-send-email-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14961.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/crypto_backend.h')
0 files changed, 0 insertions, 0 deletions