@benjamin I believe disabling TLSv1.3 via openssl.cnf tweak would work too, without downgrading openssl.
Ie. Using something like this https://launchpadlibrarian.net/428208982 /cap-to-tls1.2.patch (Probably without the CipherString line, which will raise security requirements higher than the default) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833039 Title: 18.04/Apache2: rejecting client initiated renegotiation due to openssl 1.1.1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1833039/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
