Netfuture: The future is networked

Using TLS Interposer with OpenSSL 0.9.8g (Debian Lenny)

Debian logoOlder installations, such as trusty Debian Lenny, come with versions of OpenSSL 0.9.8. The default cipher suite used by TLS Interposer is very restrictive, on purpose. For OpenSSL 0.9.8g, the only remaining cipher is RC4-SHA.

Especially when configuring XMPP servers such as ejabberd to use TLS Interposer, RC4-SHA alone can be not enough (e.g., when connecting to servers such as jabber.ru, which has RC4 disabled entirely.

[simple_series title=”TLS Interposer articles”]

Therefore, please add

export TLS_INTERPOSER_CIPHERS="DHE-RSA-AES256-SHA AES256-SHA RC4-SHA"
export TLS_INTERPOSER_OPTIONS=debug,logfile

to your configuration list. This will also be the default starting in TLS Interposer 1.3.0 (and is already in the current master git repository).

Marcel Waldvogel

,
,

Let’s stay in touch!

Receive a mail whenever I publish a new post.

About 1-2 Mails per month, no Spam.

Follow me on the Fediverse

Netfuture: The future is networked
Netfuture: The future is networked
@blog@netfuture.ch

The future of networking

206 posts
6 followers

Web apps

Leave a Reply

Only people in my network can comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)