[Info-vax] OpenSSL CSWS-2.2-1
Arne Vajhøj
arne at vajhoej.dk
Thu Mar 14 17:08:18 EDT 2019
On 3/14/2019 4:40 PM, Dave Froble wrote:
> On 3/14/2019 1:25 PM, Jan-Erik Söderholm wrote:
>> Den 2019-03-14 kl. 17:36, skrev Neil Rieck:
>>> Everyone reading this already knows that HP (now HPE) used to provide
>>> free updates for CSWS (a.k.a. Apache for OpenVMS) modules including SSL,
>>> Java, PHP, etc. All of those web pages have been redirected to the
>>> common OpenVMS landing page so I guess we can assume that those days are
>>> over.
>>>
>>> However, life goes on and I just learned that all major browsers are
>>> going to disable TLS-1.0 and TLS-1.1 sometime in 2020. Here are a few
>>> links which shine more light on the announcement.
>>> Now 2020 seems a long way off but web developers at my employer's
>>> company are already seeing TLS-1.0 and TLS-1.1 warnings in the AJAX much
>>> transport associated with "Developer Tools" in Chrome v73 so I suggest
>>> that anyone with an OpenVMS support contract at HPE contact them for
>>> support (previously they just send out a new version of file
>>> "mod_ssl.exe"). I just filed a support request with them this morning.
>> Not that it helps CSWS much, but WASD got OpenSSL 1.1.1 (incl. TLS 1.3)
>> pre-support in May 2017 and the SSL 1.1.1 kit is from Nov 2018.
>>
>> https://wasd.vsm.com.au/wasd_root/doc/misc/changes.html
>> https://wasd.vsm.com.au/wasd/
> Makes me wonder. How difficult is it to move existing stuff from Apache
> to WASD?
Depends a lot on what the stuff is.
Static content : should be easy.
CGI scripts : probably easy.
Some very specific Apache modules : somewhere between hard and impossible
Arne
More information about the Info-vax
mailing list