at 1:13 AM Stilyan Georgiev
wrote:
> Thanks for the input Alex.
> I had many, many issues compiling openssl without tls1.3. At first i tried
> doing it side by side with version I had in OS but failed miserably, with
> squid continuing to use the OS package.
> Eventually I release
uss...@measurement-factory.com> wrote:
> On 2/26/19 4:55 AM, Stilyan Georgiev wrote:
>
> > Squid 4.5 with openssl support here.
> > SSL bumping can't obtain SNI / cert domain to perform filtering when
> > tls1.3 is used.
> > I want to disable support for tls1.3
On Thu, Feb 28, 2019 at 12:05 AM Stilyan Georgiev
wrote:
> Tried everything , including upgrading the system to version that has
> openssl1.1.1-1 , recompiling the package to exclude TLS 1.3 support , using
> -- tls_outgoing_options options=NO_TLSv1_3 where NO_TLSv1_3 simply wasn'
ubuntu version :)
Truly blocked with this.
On 2/27/2019 10:59 AM, Stilyan Georgiev wrote:
Hi,
Trying to build squid using custom path for openssl and related
libraries. My goal is to use openssl 1.1.1 which is installed in
/usr/local
--
/usr/local/bin/openssl version
OpenSSL 1.1.1b 26 Feb
Hi,
Trying to build squid using custom path for openssl and related
libraries. My goal is to use openssl 1.1.1 which is installed in /usr/local
--
/usr/local/bin/openssl version
OpenSSL 1.1.1b 26 Feb 2019
--
I did install it like that:
--
./config --prefix=/usr/local --openssldir=/usr/loca
Hi,
Squid 4.5 with openssl support here.
SSL bumping can't obtain SNI / cert domain to perform filtering when
tls1.3 is used.
I want to disable support for tls1.3 in config but don't find way to do
so. There's the outdated sslproxy_options config directive which doesn't
appear to be supported
