OpenSSL quirk

Hal Murray hmurray at
Mon Oct 28 20:26:35 UTC 2019

kurt at said:
> TLS 1.2 got added in 1.0.1, which was released in 2012. I'm guessing there
> are some old redhat versions that are still supported running something
> older, like 0.9.8. 


I think I've figured out what was going on.  I was testing with self-signed 
certificates and trying to save some time by using noval rather than setting 
up the corresponding root certificate.  I think the problem is that noval 
doesn't work with old versions of OpenSSL.

The recipe for checking the certficate has changed over the years.  With 
modern versions of OpenSSL, I have to run a few lines of code.  With older 
versions, it happened automagically.  I haven't tracked down the details as to 
when noval works or doesn't work with the current NTS code and/or if I can 
make it work with older versions.

These are my opinions.  I hate spam.

More information about the devel mailing list