Sometimes you need to change TLS/SSL parameters for a service using
libssl library from openssl, but the service config does not accept that parameters. In this example, I had to change rsyslog forwarder parameters to send logs to the target that wasn’t playing nice with TLS 1.3 and modern encryption protocols.
libssl and applications using it take configuration parameters from configuration file set by environment variable
OPENSSL_CONF or from default file
Openssl documentation is not the easiest one to read, but
man 5ssl config and some googling got me what I wanted.
And finally applying the new configuration:
Comments are closed