mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-09 18:45:54 +02:00
c847846c4c
- Any insecure connections made with openssl-3.x can have the cert and key extracted but if the insecure connection was made from prior to CU175 Testing then it used openssl-1.1.1 which causes an error under openssl-3.x due to the old version being able to accept older ciphers no longer accepted by openssl-3.x - Adding the -legacy option to the openssl commands enables openssl-3.x to successfully open them and extract the cert and key - Successfully tested on a vm system. Confirmed that the downloaded version under openssl-3.x worked exactly the same as the version downloaded under openssl-1.1.1 Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>