Skip to content

Instantly share code, notes, and snippets.

@mkontani

mkontani/tlsv1.0.log.md

Last active December 6, 2021 19:45
Show Gist options
  • Save mkontani/5e8655797b84d44dd745483fa855ebd2 to your computer and use it in GitHub Desktop.
Save mkontani/5e8655797b84d44dd745483fa855ebd2 to your computer and use it in GitHub Desktop.
Download ZIP
Use tlsv1.0 on OpenSSL 1.1.1f ( like Ubuntu20)
Raw
tlsv1.0.log.md

OpenSSL >= 1.1.1f do not support TLSv1.0, so even if any tools using this library like curl/wget are support TLSv1.0 option, they cannot use TLSv1.0 option.

ᐅ curl --tlsv1 -i https://support-only-tlsv1.0-site
curl: (35) error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol

So you should downgrade support version. (Be careful!! This is much vulnerable, so do not use on sensitive connection.)

  1. Prepare temporary conffile tlsv1.0.cnf like below:
openssl_conf = default_conf

[ default_conf ]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT:@SECLEVEL=1
  1. run any command with env OPENSSL_CONF=/path/to/tlsv1.0.cnf
ᐅ OPENSSL_CONF=/path/to/tlsv1.0.cnf curl --tlsv1 -i https://support-only-tlsv1.0-site
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment