Dear all, as my first post, I am asking for confirmation: is TLS ver 1.0 still supported by stunnel (unfortunately, I need that deprecated version to access a server)?
It all worked fine, then I upgraded to Kubuntu 22.04 and for some reason that broke the support of this protocol.
I get the connection closed right after trying to open it. Before upgrading all was working without a hitch.
Since then (1 year ago), I have been looking for solutions and trying all sorts of fixes by changing stunnel.conf, but with no success.
Can you be so kind as to give me some info about this and, if possible, a remedy until the server gets updated (not under my control)?
Thank you in advance, Stefano
This is not an STunnel issue but an OpenSSL libraries/defaults issue.
In Ubuntu 22.04 and later, with the last set of major OpenSSL changes applied, the OpenSSL defaults for supported ciphers and protocols have changed. As such, TLS 1.0 is considered bad for use and the defaults in OpenSSL deny use of it.
This will require you to revise system-wide settings to allow TLS 1.0 or explicitly enable TLS 1.0 in your stunnel configs.
-------- Original message -------- From: Stefano Pelli ste.pelli@tiscali.it Date: 10/23/23 07:47 (GMT-05:00) To: stunnel-users@stunnel.org Subject: [stunnel-users] TLSV1.0
At 04:26 AM 10/26/2023, Thomas Ward wrote:
This is not an STunnel issue but an OpenSSL libraries/defaults issue.
Solved!
It is an Ubuntu-specific problem.
Solution is in here (last post):
https://bugs.launchpad.net/ubuntu/+source/stunnel4/+bug/1989387
Worked immediately after the proper configuration changes.
Almost 1 year of trouble and searches for a stupid OS bug...
Nothing wrong with stunnel, nothing wrong with openssl, nothing wrong with my settings...
Cheers! Stefano
Hi,
although I don't know the exact dependencies between *nix system libraries and stunnel (or if it has static libraries), have a look at the sslVersionMax and sslVersionMin options for a service-level config in stunnel.conf.
As long as it works as on Windows, from the manual: "Supported versions: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3"
Regards.
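
An added example, not part of the thread or of stunnel itself: once TLS 1.0 has been re-enabled for a single legacy peer, a small audit can list which services in a stunnel.conf still permit protocol versions below TLS 1.2, so the exception stays scoped and is easy to remove when the server is updated. The sample configuration, the service names and the host names are constructed, and treating options set before the first `[service]` section as service defaults is an assumption of this sketch.

```python
# Added example: flag stunnel services whose configured range permits TLS < 1.2.
ORDER = ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]  # from the quoted manual line
DEPRECATED = {"SSLv3", "TLSv1", "TLSv1.1"}
SAMPLE = """\
; constructed sample, not a configuration from the thread
sslVersionMin = TLSv1.2

[legacy-mail]
connect = legacy.example.invalid:993
sslVersionMin = TLSv1
sslVersionMax = TLSv1

[modern-web]
connect = web.example.invalid:443
"""

def parse(text):
    """Return {section: {option: value}}; options before any [section] go under ''."""
    sections, current = {"": {}}, ""
    for line in map(str.strip, text.splitlines()):
        if not line or line[0] in ";#":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip()
            sections.setdefault(current, {})
        elif "=" in line:
            key, value = line.split("=", 1)
            sections[current][key.strip().lower()] = value.strip().lower()
    return sections

def _index(value, when_all):
    # 'all' maps to the given end of the range; unknown names raise ValueError
    return when_all if value == "all" else [v.lower() for v in ORDER].index(value)

def audit(text):
    """Return [(service, [deprecated versions inside its min..max range])]."""
    sections = parse(text)
    defaults = sections.pop("")  # assumption: global values act as service defaults
    findings = []
    for name, opts in sections.items():
        merged = {**defaults, **opts}
        if "sslversionmin" not in merged:
            continue  # floor left to stunnel/OpenSSL defaults; not judged here
        lo = _index(merged["sslversionmin"], 0)
        hi = _index(merged.get("sslversionmax", "all"), len(ORDER) - 1)
        weak = [v for v in ORDER[lo:hi + 1] if v in DEPRECATED]
        if weak:
            findings.append((name, weak))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Only explicitly configured ranges are judged; whether the linked OpenSSL build and the system policy actually negotiate those versions is a separate question, as the thread shows.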