On Sat, Jul 29, 2023 at 10:42 AM <debian-u...@howorth.org.uk> wrote:
> Eduardo M KALINOWSKI <edua...@kalinowski.com.br> wrote: > > On 28/07/2023 17:04, Patrick Wiseman wrote: > > > I have an AppImage from Creality which segfaults with a QT ssl > > > error. Googling tells me that the latest version of OpenSSL (3.x) > > > omits some X509 functionality, which can be found in OpenSSL-1.1. > > > (And someone reports that installing it solves the problem.) But I > > > can't find that package. Is there any way to revert to an earlier > > > version of OpenSSL? I'm on an up-to-date bookworm system. > > > > AppImages bundle all the libraries used by the application, so > > changing the "system" version of openssl probably won't work. > > It sounds like you need to contact Creality to update the AppImage. > Although > > https://forum.manjaro.org/t/creality-slicer-appimage-not-loading-qt-network-ssl-errors/143726 > suggests that the AppImage does not contain the OpenSSL library. > > But the only 'omission' of X.509 functionality that I can see on > https://www.openssl.org/news/openssl-3.0-notes.html is > "X509 certificates signed using SHA1 are no longer allowed at security > level 1 or higher. The default security level for TLS is 1, so > certificates signed using SHA1 are by default no longer trusted to > authenticate servers or clients." > > I'm not sure I'd want to be deliberately trying to undo a security > upgrade. > > I'm sure you're right. Contacting Creality is a fool's game; they've been alerted to the problem since they released the software, so I'll just have to be patient. Thanks to all for your suggestions. Patrick
