Re: ssl_cipher_list_to_bytes:no ciphers available

2021-05-06 Thread Michael Ströder
On 5/6/21 9:30 PM, Howard Chu wrote: > With this patch > https://git.openldap.org/openldap/openldap/-/commit/cd3567d750b653949e50b6245428e594dff1d8a4 > the above problem will no longer occur.> That is, if your ciphersuite doesn't > contain any TLS1.3 ciphers, then > the existing TLS1.3 ciphersuit

Re: ssl_cipher_list_to_bytes:no ciphers available

2021-05-06 Thread Howard Chu
Michael Ströder wrote: > On 5/5/21 1:29 PM, Howard Chu wrote: >> Michael Ströder wrote: >>> TLSProtocolMin 3.3 >>> TLSCipherSuite HIGH >> >> Then you're getting TLSv1.3 on these connections. Your ciphersuite config >> has no TLSv1.3 ciphers though; cipher suite "HIGH" only affects TLSv1.2 and >> be

Re: ssl_cipher_list_to_bytes:no ciphers available

2021-05-05 Thread Michael Ströder
On 5/5/21 1:29 PM, Howard Chu wrote: > Michael Ströder wrote: >> TLSProtocolMin 3.3 >> TLSCipherSuite HIGH > > Then you're getting TLSv1.3 on these connections. Your ciphersuite config > has no TLSv1.3 ciphers though; cipher suite "HIGH" only affects TLSv1.2 and > below. Ah sorry. I've wrongly im

Re: ssl_cipher_list_to_bytes:no ciphers available

2021-05-05 Thread Michael Ströder
On 5/5/21 2:51 AM, Howard Chu wrote: > Michael Ströder wrote: >> I have issues with OpenSSL ciphers on my openSUSE Tumbleweed and release >> 2.5.4 when connecting to an 2.4 provider: >> >> TLS: can't connect: error:141A90B5:SSL >> routines:ssl_cipher_list_to_bytes:no ciphers available. >> >> An 2.4

Re: ssl_cipher_list_to_bytes:no ciphers available

2021-05-05 Thread Howard Chu
Michael Ströder wrote: > On 5/5/21 1:29 PM, Howard Chu wrote: >> Michael Ströder wrote: >>> TLSProtocolMin 3.3 >>> TLSCipherSuite HIGH >> >> Then you're getting TLSv1.3 on these connections. Your ciphersuite config >> has no TLSv1.3 ciphers though; cipher suite "HIGH" only affects TLSv1.2 and >> be

Re: ssl_cipher_list_to_bytes:no ciphers available

2021-05-05 Thread Howard Chu
Michael Ströder wrote: > Filed ITS: > > https://bugs.openldap.org/show_bug.cgi?id=9546 Not a bug. Closing. > > Ciao, Michael. > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://ww

Re: ssl_cipher_list_to_bytes:no ciphers available

2021-05-05 Thread Howard Chu
Michael Ströder wrote: > On 5/5/21 2:51 AM, Howard Chu wrote: >> Michael Ströder wrote: >>> I have issues with OpenSSL ciphers on my openSUSE Tumbleweed and release >>> 2.5.4 when connecting to an 2.4 provider: >>> >>> TLS: can't connect: error:141A90B5:SSL >>> routines:ssl_cipher_list_to_bytes:no

Re: ssl_cipher_list_to_bytes:no ciphers available

2021-05-05 Thread Michael Ströder
Filed ITS: https://bugs.openldap.org/show_bug.cgi?id=9546 Ciao, Michael.

Re: ssl_cipher_list_to_bytes:no ciphers available

2021-05-04 Thread Howard Chu
Michael Ströder wrote: > HI! > > I have issues with OpenSSL ciphers on my openSUSE Tumbleweed and release > 2.5.4 when connecting to an 2.4 provider: > > TLS: can't connect: error:141A90B5:SSL > routines:ssl_cipher_list_to_bytes:no ciphers available. > > An 2.4.58 consumer replica works just fin

ssl_cipher_list_to_bytes:no ciphers available

2021-05-04 Thread Michael Ströder
HI! I have issues with OpenSSL ciphers on my openSUSE Tumbleweed and release 2.5.4 when connecting to an 2.4 provider: TLS: can't connect: error:141A90B5:SSL routines:ssl_cipher_list_to_bytes:no ciphers available. An 2.4.58 consumer replica works just fine. There is this commit in RE25 and I'm