in reply to Re^5: Internal SSL error after Ubuntu update
in thread Internal SSL error after Ubuntu update

I think you will have to look at setting SSL_version in the IO::Socket::SSL constructor (or a higher-level module which passes it through) at that rate.

SUCCESS!

In Company::LDAP::new() (see Internal SSL error after Ubuntu update), you can find this line:

$opts{'sslversion'}='tlsv1_1';

This sets the parameterss for Net::LDAP->start_tls(), sslversion is passed to IO::Socket::SSL. So I've limited the SSL handshake to TLS v1.1. Commenting out that line restores the IO::Socket::SSL defaults, and those simply work. Yeah!

I've no clue why I added that line, probably because of a long debugging session some years ago. At some point, it must have worked, and from that point on, the golden rule "never change a running system" applied.

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)