On Po, 2015-06-15 at 14:22 +0000, Arkadiusz Miskiewicz via RT wrote:
> Hello.
>
> I've just upgraded from 1.0.2a to 1.0.2c and now I no longer can connect from
> mysql client to my mysql server. Downgrading to 1.0.2a and the problem is
> gone.
>
That's because mysql server hardcodes 512 bits DH parameters. That's
insecure and connect is prevented by the LOGJAM fix. You can configure
the server to not use DH ciphersuites as a workaround, or patch the
mysql server to use at least 1024 bits DH parameters.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
