OPNsense Forum
Archive => 19.1 Legacy Series => Topic started by: bmail on April 23, 2019, 10:28:16 am
-
Hello,
Small and perhaps silly question:
Is it possible and safe to swith from OpenSSL to LibreSSL for the choice of the firmware cryptography flavour (firmware > parameters) ?
Present Release: 19.1.6 running with OpenSSL
Purpose: to get closer to the work of OpenBSD team.
Thanks a lot for your advices
-
I'm using LibreSSL on 2 installs with openVPN tunnels. Only problem is with unbound and DNS-over-TLS, otherwise doing fine...
-
Hello Chemlud,
Thanks for sharing your experience.
For the moment I use unbound without TLS, so that should work.
But, can I now, safely, switch (in the gui) to LibreSSL without breaking anything. I suppose this will be taken into account after the next update, and not right now.
Thanks.
-
I switched to LibreSSL last year without any trouble. What happenz nowadays if you switch? I would assume that nothing will break. But I'm not an insurance company... :-D
-
As far as I know there may be also a problem with wireguard (or was it another plugin?) if I remember that correctly that it is not available in LibreSSL. There is no problem to expect with the major plugins.
-
OK, thanks to all !
I'm going to test openvpn and squid ssl inspection within a test environment.
Have a good day.
Best regards
Bertrand