On 2024-01-22 at 12:42:08 UTC-0500 (Mon, 22 Jan 2024 12:42:08 -0500)
Viktor Dukhovni via Postfix-users <postfix-users@postfix.org>
is rumored to have said:
On Mon, Jan 22, 2024 at 11:44:40AM -0300, Taco de Wolff via
Postfix-users wrote:
[...]
Has this something to do with FIPS mode? I don't think so because the
ciphers show up in OpenSSL. Why is TLS1.3 not getting enabled?
Ask RedHat.
With the caveat that I am absolutely NOT RedHat...
Circa 2019 I ran into a similar problem: The RHEL OpenSSL 1.1.1-FIPS
can't do TLS 1.3. I don't have any hard reference for that readily
available but I have a vague recollection that the root cause was a
remarkably stupid issue involving the formal certification.
Also worth noting: OpenSSL 1.1.1 is obsolete and has no upstream
support.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
