in reply to Re^4: Internal SSL error after Ubuntu update
in thread Internal SSL error after Ubuntu update

I think you will have to look at setting SSL_version in the IO::Socket::SSL constructor (or a higher-level module which passes it through) at that rate.


🦛

  • Comment on Re^5: Internal SSL error after Ubuntu update

Replies are listed 'Best First'.
Re^6: Internal SSL error after Ubuntu update
by afoken (Canon) on Jan 22, 2021 at 15:30 UTC
    I think you will have to look at setting SSL_version in the IO::Socket::SSL constructor (or a higher-level module which passes it through) at that rate.

    SUCCESS!

    In Company::LDAP::new() (see Internal SSL error after Ubuntu update), you can find this line:

    $opts{'sslversion'}='tlsv1_1';

    This sets the parameterss for Net::LDAP->start_tls(), sslversion is passed to IO::Socket::SSL. So I've limited the SSL handshake to TLS v1.1. Commenting out that line restores the IO::Socket::SSL defaults, and those simply work. Yeah!

    I've no clue why I added that line, probably because of a long debugging session some years ago. At some point, it must have worked, and from that point on, the golden rule "never change a running system" applied.

    Alexander

    --
    Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)