Would this be true for FreeBSD as well? I also have a bind 9.18.24 instance running on freeBSD and it seems to be ok.
Bob > The crypto policy stuff ultimately creates and maintains files in /etc/crypto-policy/backends, which has a list of acceptable or not-acceptable crypto settings. > Whilst a "bind.config" is created, you aren't including it in your config (this is fine), which suggests that the issue is with some of openssl configurations (which will be system wide anyway). > You can use the update-crypto-policies to update only the openssl configuration to allow sha1, or you could manually recreate those files (instead of the usual symlinks) and edit them individually as you please. > Stuart
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
