relayd(8) and httpd(8) TLS settings update.

Contributed by Janne Johansson on 2026-06-28 from the is it secret, is it safe? dept.

Both relayd(8) and httpd(8) now have the "secure" list of allowed crypto methods for HTTPS, which include TLSv1.3 and the TLSv1.2 AEAD cipher suites. The previous list was "HIGH:!aNULL" which contain non-perfect-forward-security methods and this change may cause old clients to not be able to connect.

Latest Articles

Mon, Jun 29
- 16:57 relayd(8) and httpd(8) TLS settings update. (0)
Tue, Jun 23
- 11:46 OpenBSD/amd64 kernel virtual address space is now 512GB (2)
Fri, Jun 12
- 08:02 syslogd(8) privileged and non-privileged parts now separate binaries (0)
Fri, Jun 05
- 06:41 Random relinking at boot comes to httpd(8) and smtpd(8) (0)
Wed, Jun 03
- 06:58 llvm/clang(1)/lld(1) updated to version 22.1.6 (0)
Wed, May 27
- 05:56 LibreSSL 4.3.2 released (0)
Sat, May 23
- 11:51 Game of Trees 0.126 released (0)
Tue, May 19
- 13:27 OpenBSD 7.9 Released (1)
Sat, May 16
- 06:46 Migrating mail servers from exim to OpenSMTPD (smtpd) is fun and useful (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]