OpenVPN/openvpn.git - OpenVPN - A Secure tunneling daemon

diff options

author	Arne Schwabe	2021-10-29 13:24:07 +0200
committer	Gert Doering	2022-05-04 10:43:47 +0200
commit	7b1b100557608db8a311d06f7578ceb7c4d33aa6 (patch)
tree	c79c49b96cb178d7990a94a05cca6912c2f5ca46 /src/tapctl
parent	f89b07831e8a6d0819b32d2fd6b15f430941ebcb (diff)
download	openvpn-7b1b100557608db8a311d06f7578ceb7c4d33aa6.zip openvpn-7b1b100557608db8a311d06f7578ceb7c4d33aa6.tar.gz

Add insecure tls-cert-profile options

The recent deprecation of SHA1 certificates in OpenSSL 3.0 makes it necessary to reallow them in certain deployments. Currently this works by using the hack of using tls-cipher "DEFAULT:@SECLEVEL=0". Add "insecure" as option to tls-cert-profile to allow setting a seclevel of 0. Patch v4: fix default accidentially changed to insecure Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com> Message-Id: <20211029112407.2004234-1-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23076.html Signed-off-by: Gert Doering <gert@greenie.muc.de> (cherry picked from commit 23efeb7a0bd9e0a6d997ae6e77e0e04170da3e67)

Diffstat (limited to 'src/tapctl')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: