Reputation: 634
OpenSSL version mismatch
Is there a way to downgrade OpenSSL to a specific version because of a version mismatch message when trying to connect? I don't want to upgrade the server version of SSL, only downgrade the client version.
Upvotes: 0
Views: 4338
Answers (3)
Reputation: 12223
This happened because of the openssl version in miniconda. To remove it I followed these instructions:
https://github.com/conda-forge/miniforge#uninstallation
Alternatively, you could probably update it. But I wasn't using it so uninstalled.
Upvotes: 0
Reputation: 634
I was able to get it working again after I did the apt-get install openssh-server openssh-client. I am not sure if there are/will be any other issues with the other clients, but time will tell.
Upvotes: 1
Reputation: 2303
YOU SHOULD NOT DOWNGRADE THE CLIENT
That's not enough of a caveat. You're putting your (and your client's) data at risk. Do yourself a favor and look through https://www.openssl.org/news/vulnerabilities.html before using any older versions of TLS or SSL.
If you still insist, you choose the supported protocol family when you initialize the SSL_CTX. See https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_new.html
BUT YOU SHOULD JUST UPGRADE THE SERVER.
Invest in the future, not the past.
Upvotes: 1
Related Questions
- OpenSSL KEYUPDATE and "SSL_key_update:wrong ssl version"
- Downgrade to OPENSSL version 1.0 from 1.1 on mac
- Can't use openssl server because the ciphers are outdated...or something...ERR_SSL_VERSION_OR_CIPHER_MISMATCH
- Updating OpenSSL version on OSX
- Why 'apt-get install openssl' did not install last version of OpenSSL?
- Cannot finish handshake due to 'wrong version number' error
- Differences in behavior for different openssl versions
- OpenSSL ClientHello fails in latest version
- OpenSSL secure renegotiation failed
- OpenSSL Phantom Non-Existing Versions