Infrastructure | TLS configuration problem on "dh key too small" (#189)

Title: GitLab

Bjørn Mork created an issue:

This causes mail delivery problems with modern TLS clients. The issue is easy to reproduce with openssl 1.1:

bjorn@canardo:~$ openssl s_client -connect -starttls smtp -quiet depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = verify return:1 140507914929280:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small:../ssl/statem/statem_clnt.c:2150:

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]