Re: [Openvpn-users] Compatibility from openvpn 2.4 to 2.7

[Gert D. <ge...@gr...>]

Hi,

On Fri, Oct 17, 2025 at 11:19:48AM +0200, Simon Matter wrote:
> Looks like "update-crypto-policies --set LEGACY" did the trick to make it
> work. Ar least this makes the errors go away in a test setup. I'll soon do
> it on a production system.

Ah, Redhat...  "why should we leave decisions to software when we can
annoy everbody with a global setting".

(I'm not exactly sure how these crypto policies work, but they seem to
override the application's request to get "--tls-cert-profile insecure")

thanks for reporting back the solution ;-)

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             ge...@gr...