You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
OpenSSL 3.x no longer supports the use of RC2-40-CBC encryption for PFX private keys without reverting to "legacy" mode which is cumbersome. AES256CBC with HMAC-SHA256 is the modern option used with the UseModernPfxEncryption option in #447 and is supported natively on both OpenSSL 3.x and 1.1.x, but not on 1.0.x which is EOL.
To avoid potentially breaking users in 4.x, #447 made the modern encryption option opt-in. But with a new major version, we should change the default for new orders to use the modern encryption option and make the legacy option opt-in.
The text was updated successfully, but these errors were encountered:
OpenSSL 3.x no longer supports the use of RC2-40-CBC encryption for PFX private keys without reverting to "legacy" mode which is cumbersome. AES256CBC with HMAC-SHA256 is the modern option used with the
UseModernPfxEncryptionoption in #447 and is supported natively on both OpenSSL 3.x and 1.1.x, but not on 1.0.x which is EOL.To avoid potentially breaking users in 4.x, #447 made the modern encryption option opt-in. But with a new major version, we should change the default for new orders to use the modern encryption option and make the legacy option opt-in.
The text was updated successfully, but these errors were encountered: