[CentOS] easy way to stop old ssl's

Fri Oct 11 20:58:14 UTC 2019
Warren Young <warren at etr-usa.com>

On Oct 11, 2019, at 2:52 PM, isdtor <isdtor at gmail.com> wrote:
> 
>> Yes, breaking changes.  Doing this *will* cut off support for older browsers.  On purpose.
> 
> Old browsers aren't really the problem. Even ff 45 (?) from CentOS5 will happily access a TLSv1.2-only server.

IE 10 and older won’t, though: https://caniuse.com/#feat=tls1-2

> The problem is user that have old versions of software installed with no TLSv1.2 support. SVN, python 2.7 scripts, etc.

Also true.  There’s a lot of stuff still linked to OpenSSL 1.0.0 and 0.98.