Details
-
Bug
-
Status: Resolved
-
Blocker
-
Resolution: Fixed
-
None
-
ghx-label-2
Description
The problem in brief is that when we build against an older version of OpenSSL and run against a higher version of OpenSSL, the SSLeay() function (which is supposed to return the runtime version of OpenSSL), returns the compile time version of OpenSSL instead of the version that it's actually running against.
Due to this, our version compatibility checking code doesn't allow us to use TLSv1.2 on certain platforms (specifically RHEL when it's built against OpenSSL 1.0.0 and run on a CentOS system with OpenSSL 1.0.1 or above).
This was filed as a bug against RHEL:
https://bugzilla.redhat.com/show_bug.cgi?id=1497859