Some weak anon ciphers will work on OpenSSL version before 1.0.2, but support for automatic EC temporary key parameter selection won't work as it needs SSL_CTX_set_ecdh_auto and SSL_CTX_set_tmp_ecdh API which is also supported in 1.0.2 and higher only.
This test for example uses anon server and client and will work on CentOS 6: https://github.com/rsyslog/rsyslog/blob/master/tests/sndrcv_tls_ossl_serveranon_ossl_clientanon.sh Best regards, Andre Lorbach > -----Original Message----- > From: David Lang [mailto:da...@lang.hm] > Sent: Tuesday, October 8, 2019 1:08 PM > > centos 6 has 1.0.1e (with lots of backports) > > if I don't try to configure ciphers, is there a config that will work? or > is the > anon auth mode part of what requires this API? (or something like that) _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
