I updated the ssl packages to 3.0.2-0ubuntu1.4, and confirmed the updated openssl.cnf with the new directives:
--- ssl-orig/openssl.cnf 2022-03-16 09:35:51.000000000 +0100 +++ ssl/openssl.cnf 2022-06-09 13:20:55.000000000 +0200 @@ -52,6 +52,7 @@ tsa_policy3 = 1.2.3.4.5.7
[openssl_init] providers = provider_sect +ssl_conf = ssl_sect
# List of providers to load [provider_sect] @@ -388,3 +389,9 @@ oldcert = $insta::certout # insta.cert.p # Certificate revocation cmd = rr oldcert = $insta::certout # insta.cert.pem + +[ssl_sect] +system_default = system_default_sect + +[system_default_sect] +CipherString = DEFAULT:@SECLEVEL=2
I updated the ssl packages to 3.0.2-0ubuntu1.4, and confirmed the updated openssl.cnf with the new directives:
--- ssl-orig/ openssl. cnf 2022-03-16 09:35:51.000000000 +0100
+++ ssl/openssl.cnf 2022-06-09 13:20:55.000000000 +0200
@@ -52,6 +52,7 @@ tsa_policy3 = 1.2.3.4.5.7
[openssl_init]
providers = provider_sect
+ssl_conf = ssl_sect
# List of providers to load default_ sect]
[provider_sect]
@@ -388,3 +389,9 @@ oldcert = $insta::certout # insta.cert.p
# Certificate revocation
cmd = rr
oldcert = $insta::certout # insta.cert.pem
+
+[ssl_sect]
+system_default = system_default_sect
+
+[system_
+CipherString = DEFAULT:@SECLEVEL=2