Bug 1266610 - openssl and curl support up to TLSv1 only in RHEL5
openssl and curl support up to TLSv1 only in RHEL5
Status: CLOSED CANTFIX
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: openssl (Show other bugs)
5.11
x86_64 Linux
unspecified Severity high
: rc
: ---
Assigned To: Tomas Mraz
BaseOS QE Security Team
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-25 16:18 EDT by Mike Green
Modified: 2015-09-29 03:25 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-09-29 03:25:36 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mike Green 2015-09-25 16:18:05 EDT
Description of problem:
In RHEL5x, both openssl and curl do not support anything higher than TLSv1.
Our credit card processor is requiring TLSv1_1 or higher by June of 2016 for PCI 3.x compliance.

Version-Release number of selected component (if applicable):
Red Hat Enterprise Linux Server release 5.11 (Tikanga)
openssl.x86_64                      0.9.8e-36.el5_11
curl.x86_64                         7.15.5-17.el5_9

How reproducible:
grep "CURL.*TLSv.*" /usr/include/curl/curl.h
CURL_SSLVERSION_TLSv1,

sudo openssl s_client -connect testgate.viaconex.com:443< 
http://testgate.viaconex.com:443><http://testgate.viaconex.com:443>
-tls1_2

unknown option -tls1_2
usage: s_client args

....lines omitted...
-ssl2         - just use SSLv2
-ssl3         - just use SSLv3
-tls1         - just use TLSv1
-dtls1        - just use DTLSv1
Comment 1 Tomas Mraz 2015-09-29 03:25:36 EDT
Please see https://access.redhat.com/solutions/1609823

Note You need to log in before you can comment on or make changes to this bug.