Am 15.04.20 um 07:55 schrieb Per olof Ljungmark: > On 2020-04-15 00:39, Matthias Andree wrote: >> >>> Finally managed to figure it out, you need to tell the perl script >>> exactly what cipher to use, so I added to 'check_ilo2_health.pl': >>> --sslopts 'SSL_verify_mode => SSL_VERIFY_NONE, SSL_version => >>> "TLSv1_1", SSL_cipher_list => "EDH-RSA-DES-CBC3-SHA"' >>> >>> Works with openssl from ports. >> >> But "SSL_VERIFY_NONE" should be unrelated to the versioning/cipher >> issues. >> If you need SSL_VERIFY_NONE, then the certificate and/or chains and/or >> trusts are not configured properly. >> > > Yes, it is unrelated, the server certs are self-signed.
Then by all means transfer the CA's certificate safely and deploy it on the peers's trust storage, so that you can actually verify the server certificate. SSL_VERIFY_NONE is so... 1990s. _______________________________________________ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"