@jgunthorpe, what if you do something like this, where you create an OPENSSL_CONF that explicitly (re)enables unsafe legacy negotiation? Instead of using /dev/null.
``` $ cat > /tmp/openssl.conf <<EOF _openssl_conf = openssl_init [openssl_init] ssl_conf = ssl_sect [ssl_sect] system_default = system_default_sect [system_default_sect] Options = UnsafeLegacyRenegotiation_ EOF $ OPENSSL_CONF=/tmp/openssl.conf curl <usual options> ``` That comes from https://github.com/dlenski/gp-saml-gui/issues/42 ** Bug watch added: github.com/dlenski/gp-saml-gui/issues #42 https://github.com/dlenski/gp-saml-gui/issues/42 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968467 Title: CSD scripts do not work on jammy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1968467/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs