similar to: BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."

Hi, In my Centos-8 server, it was not necessary using "Options = ServerPreference" parameter. My openssl.conf look like that : openssl_conf = default_modules [ default_modules ] ssl_conf = ssl_module [ ssl_module ] system_default = crypto_policy [ crypto_policy ] *.include /etc/crypto-policies/back-ends/opensslcnf.config* And /etc/crypto-policies/back-ends/opensslcnf.config :

I've dovecot --version 2.3.10.1 (a3d0e1171) openssl version OpenSSL 1.1.1g FIPS 21 Apr 2020 , atm on Fedora32. I configure /etc/pki/tls/openssl.cnf to set preferences for apps' usage, e.g. Postfix etc; Typically, here cat /etc/pki/tls/openssl.cnf openssl_conf = default_conf [default_conf] ssl_conf = ssl_sect [ssl_sect] system_default = system_default_sect

> On 22/09/2020 21:00 PGNet Dev <pgnet.dev at gmail.com> wrote: > > > On 9/22/20 10:51 AM, Aki Tuomi wrote: > >>> > > > > Well, dovecot does not actually do any parsing for system-wide openssl.cnf. This sounds more like OpenSSL issue than dovecot issue. > > I've NO issue with that config/setting with any _other_ app -- whether in general

> On 22/09/2020 20:05 PGNet Dev <pgnet.dev at gmail.com> wrote: > > > bump > > On 8/24/20 5:17 PM, PGNet Dev wrote: > > I've > > > > dovecot --version > > 2.3.10.1 (a3d0e1171) > > openssl version > > OpenSSL 1.1.1g FIPS 21 Apr 2020 > > > > , atm on Fedora32. > > > > I configure > > >

On 10/1/20 8:52 AM, JEAN-PAUL CHAPALAIN wrote: > In my Centos-8 server, it was not necessary using? "Options = ServerPreference" parameter. sry, then i'm unclear re: the point you're trying to make. this issue is ONLY about the problem re: THAT parameter's use, not re: general SSL error messages/causes.

Hello, I have some users that connect to a server with their DSA key that is of type ssh-dss. I'm migrating (installing as new) the server where they connect to CentOS 8 + updates. I was not able to connect with the keys to this new server even after having added, as found in several internet pages, this directive at the end of /etc/ssh/sshd_config of the CentOS 8 server: # Accept also DSA

bump On 8/24/20 5:17 PM, PGNet Dev wrote: > I've > > dovecot --version > 2.3.10.1 (a3d0e1171) > openssl version > OpenSSL 1.1.1g FIPS 21 Apr 2020 > > , atm on Fedora32. > > I configure > > /etc/pki/tls/openssl.cnf > > to set preferences for apps' usage, e.g. Postfix etc; Typically, here > > cat /etc/pki/tls/openssl.cnf >

On 9/22/20 10:51 AM, Aki Tuomi wrote: >>> > > Well, dovecot does not actually do any parsing for system-wide openssl.cnf. This sounds more like OpenSSL issue than dovecot issue. I've NO issue with that config/setting with any _other_ app -- whether in general openssl-lib-linked usage, or specifically for a mail submitter (e.g., postfix). The ServerPreference setting is

On 9/23/20 2:14 AM, Aki Tuomi wrote: > I tried to reproduce this with the config you provided. I made sure openssl uses the configuration, but alas, it works just fine for me. ugh. well, good to know. with my my full-blown configs, it's definitely reproducible here. I'll see if I can reduce this to a simple demonstrator ...

EL8 workstation: crypto-policies is set to DEFAULT. I need to establish a VPN connection via NetworkManager (Gnome UI) that uses a legacy protocol. Downgrading the policies globally in /etc/crypto-policies/back-ends (I do it just for one backend) helps to establish the connection. To protect this workstation I want to have this config just for this connection (its openssl based that needs

PubkeyAcceptedKeyTypes=+ssh-dss You also need that ^^ in their client if they are running on el8 machine as well .. i needed to put it in my ~/.ssh/config when connecting FROM an el8 machine to somewhere else. On 10/17/19 9:27 AM, Gianluca Cecchi wrote: > Hello, > I have some users that connect to a server with their DSA key that is of > type ssh-dss. > I'm migrating (installing

On 06/29/2012 01:06 AM, Siu Kwan Lam wrote: > Dear LLVM, > > I am a young developer who have just uploaded my first opensource > project based on LLVM. I would like to know what professionals think of > my project. > > I have started a JIT extension to Python called Pymothoa ( > http://code.google.com/p/pymothoa/). Unlike other similar projects, I > did not modify the

Dear LLVM, I am a young developer who have just uploaded my first opensource project based on LLVM. I would like to know what professionals think of my project. I have started a JIT extension to Python called Pymothoa ( http://code.google.com/p/pymothoa/). Unlike other similar projects, I did not modify the interpreter. Pymothoa uses Python decorators to mark function for JIT compiling. It

On 06/29/2012 02:47 AM, Tobias Grosser wrote: > On 06/29/2012 01:06 AM, Siu Kwan Lam wrote: >> Dear LLVM, >> >> I am a young developer who have just uploaded my first opensource >> project based on LLVM. I would like to know what professionals think of >> my project. >> >> I have started a JIT extension to Python called Pymothoa ( >>