Am 10.11.21 um 18:05 schrieb Jim Jagielski: > Ugg ugg and double ugg > > We seem to be stuck in a chicken-and-egg situation. > > Do we *really* need OpenSSL 1.1? Because even the latest release of serf > doesn't really support that. > > What is the issue w/ using OpenSSL 1.0.2 that is driving us to OpenSSL 1.1?
The main problem is that Let's Encrypt root certificates expired at the end of October and OpenSSL 1.0.2 has problems with the new ones: https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/ For whatever reason it still works on Windows, but AOO on Linux and macOS cannot connect to our Update Feed and the extensions site anymore. Workaround 3 (mentioned in the article) would be a possibility to fix that on the server side. > > PS: OpenSSL is universally, IMO, becoming a major PITA. I'm all for upgrades > and keeping things fresh, but it seems like it is moving way too fast for its > consumers. > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org > For additional commands, e-mail: dev-h...@openoffice.apache.org >
smime.p7s
Description: S/MIME Cryptographic Signature
