Hi Michael,
Since this update, we seem to be having a problem with a PHP SMTP
library (swiftmailer) that we're using for a number of sites. I've
updated the library to the version that provides TLSv1.2 support, the
the failure persists: "Swift_TransportException: Unable to connect with
TLS encryption"
I've also tried the latest version of swiftmailer with PHP 7.3.17, which
results in the same error.
The one last thing I've tried is tweaking the library to force the TLS
version to 1.2 ... same error.
Is there something else I need to adjust within apache to make this work?
Thanks
- Brent
On 2020-02-19 10:49, Michael Stauber wrote:
Hi all,
Well, it's now the year 2020 (still no flying cars or hover-boards!), so
it's time to retire the TLSv1.1 protocol from Apache.
To that end an updated base-apache-* has been released for 5209R, where
it was still available as a fallback.
As the OpenSSL on 5209R is too old to support TLSv1.3 we had introduced
Nginx as SSL-proxy, as our custom built Nginx is statically compiled
against a newer OpenSSL that allows us to provide TLSv1.3 and HTTP/2
functionality.
The benefits and usage of the Nginx SSL-proxy are explained here - in
case you're wondering what that is and how to make use of it:
https://www.blueonyx.it/5209r-nginx-ssl-proxy
In case someone wonders what SSL protocols the different versions of
BlueOnyx support in Apache, here is a small list:
BlueOnyx 5210R: Both Apache & Nginx: TLSv1.3 with TLSv1.2 as a fallback
BlueOnyx 5209R: Apache: TLSv1.2, Nginx: TLSv1.3 with TLSv1.2 as fallback
BlueOnyx 5207R/5208R: Apache: TLSv1.2 only
_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
