> On Oct 3, 2021, at 7:09 PM, Rob Stradling <r...@sectigo.com> wrote: > > The "Old Let’s Encrypt Root Certificate Expiration and OpenSSL 1.0.2" blog > article [1] doesn't cover OpenSSL versions prior to 1.0.2, presumably because > they've been unsupported for a long time. However, no doubt there are still > some users and applications that are stuck using even older versions of > OpenSSL.
Indeed, CentOS/RHEL 7 and earlier still use OpenSSL 1.0.2. These are widely used in shared hosting. We ended up implementing Workaround #2 in order to bring OpenSSL 1.0.x into parity with the behaviour of 1.1.0+. It would be nice--would have been helpful for me, at least--to have fleshed-out code examples. Thank you to everyone who maintains OpenSSL and who’s helping us all through this transition. cheers, -Felipe Gasper
