It looks like this was added in: https://github.com/openssl/openssl/commit/72d2670bd21becfa6a64bb03fa55ad82d6d0c0f3
in order to address servers that have not yet been updated for CVE-2009-3555. It's possible to add a flag at the C level to connect insecurely, SSL_OP_LEGACY_SERVER_CONNECT, but I don't see this added to python: https://bugs.python.org/issue44888 https://github.com/python/cpython/pull/27776 Thus it might not be easily reachable from Python programs. Best would be to update the remote server to address CVE-2009-3555 (it might also be known as "support RFC 5746"). I'm not sure what to suggest for programs written in Python. Thanks ** Bug watch added: Python Roundup #44888 http://bugs.python.org/issue44888 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-3555 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1963834 Title: openssl 3.0 - SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1963834/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs