Marc Deslauriers (mdeslaur) wrote on 2013-12-02: Unfortunately, because of the large number of sites which incorrectly handled TLS v1.2 negotiation, we had to disable TLS v1.2 on the client.
Marc Deslauriers (mdeslaur) wrote on 2014-12-08: #15 Apache2 in 12.04 supports TLSv1.2 just fine, I've been running test scripts against it. Hi Marc, I'm running 12.04 and nginx. Is TLSv1.2 enabled on my config? We are updating to 16.04 but need a quick fix. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1256576 Title: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2 Status in openssl package in Ubuntu: Fix Released Bug description: The long term support version of Ubuntu 12.04 provides OpenSSL 1.0.0. A wireshark trace shows the version of OpenSSL used by Ubuntu does not support TLS 1.2. According to the change logs, TLS 1.2 support was added 14 March 2012. The change log can be found at http://www.openssl.org/news/changelog.html, and the TLS additions can be found under the heading "Changes between 1.0.0h and 1.0.1". $ ldd /usr/lib/x86_64-linux-gnu/libssl.so linux-vdso.so.1 => (0x00007fffd9d84000) libcrypto.so.1.0.0 => /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (0x00007f1e0691e000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1e0655e000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f1e06359000) libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f1e06142000) /lib64/ld-linux-x86-64.so.2 (0x00007f1e06f6d000) *********** OpenSSL 1.0.1 is compatible with 1.0.0. From the OpenSSL FAQ (http://www.openssl.org/support/faq.html): 8. How does the versioning scheme work? After the release of OpenSSL 1.0.0 the versioning scheme changed. Letter releases (e.g. 1.0.1a) can only contain bug and security fixes and no new features. Minor releases change the last number (e.g. 1.0.2) and can contain new features that retain binary compatibility. Changes to the middle number are considered major releases and neither source nor binary compatibility is guaranteed. ********** By the way, its nearly impossible to file a bug report through the launch pad. The maze that's been created is impossible to navigate, and its worse than one of those phone menu systems. I had to look up the URL to file at http://www.cryptopp.com/wiki/Talk:Linux. Great job to the designers of the system. Its probably the same idiots who thought a tablet manager was a great idea on the desktop.. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1256576/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
