You could always set up an haproxy or nginx proxy to take care of this. -----Original Message----- From: monit-general-bounces+rory=trs80....@nongnu.org <monit-general-bounces+rory=trs80....@nongnu.org> On Behalf Of sashk via This is the general mailing list for monit Sent: Thursday, February 9, 2023 2:23 PM To: This is the general mailing list for monit <monit-general@nongnu.org> Subject: Re: ssl: unsafe legacy renegotiation
Hi, > Google the error and solution. Either update SSL on the cable modem “server” > if you can or modify Monit (the client) yourself. Upgrading ssl is not possible on cable modem, therefore as I stated in my original email: >> It seems re-configuring OpenSSL it is possible to do systemwide, but I >> would like to avoid doing so. I was hoping there is a way, similar to ssl options {version: TLSV1,... } to enable this setting just for this particular check in monit, not systemwide, as this opens system to CVE-2009-3555. Thanks.