Downgrade openssl3 back to openssl1.1.1

Hi folks,
I’m new to this forum, so please accept my apologies if I’m doing something terribly wrong.

I recently upgraded lots of packages on my workstation and as a result, I now have several programs that are using openssl3 instead of openssl1. Unfortunately, I have to use an old imap server that is not capable of using something newer than tls1.0. I’m aware that this is a security risk and should be avoided at all, but for reasons™ this is something I can’t resolve in the near future.
These are the packages in question:

[hades ~]# pacman -Q | grep -E '^(mutt|openssl)'
mutt 2.2.10-1
openssl 3.1.1-1
openssl-1.1 1.1.1.u-1

[hades ~]# ldd /usr/bin/mutt |grep -i ssl => /usr/lib/ (0x00007f4dba4f6000)

For some reason, mutt is linked against openssl3 and I’m unable to find out how to make mutt use openssl1.

Therefore I would like to ask how I can achieve reverting to openssl 1.1.

Edit: Almost forgot…
OS is Manjaro distribution 23.0.0 (Ultima Thule)

openssl and openssl-1.1 are two separate, distinct packages. You can’t downgrade one into the other.

And wouldn’t help anyway. OP has to compile mutt with openssl-1.1 or use some enable_tls1_whatever flag, if that is even possible - you’ll have to check their documentation.

Thanks. Will do. Apologies for asking such a dumb question.

Edit: Found the cause myself. openssl 3.1.1-1 seems to have silently dropped TLSv1 support, downgrading to openssl 3.0.8 helped.

You could use the current version and enable legacy providers as described in the openssl documentation instead of downgrading to an old version with unpatched security vulnerabilities.


This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.