TLS 1.2
Yorgos Thessalonikefs
yorgos at nlnetlabs.nl
Mon Mar 2 16:56:14 UTC 2026
Hi Erwan,
There is now this PR [1] that addresses some issues around TLS protocol
configuration.
Among other things it:
- introduces a new `tls-protocols` configuration option,
- brings back TLS1.2 support by default.
This will be included in the next feature release of Unbound, probably
1.25.0.
Best regards,
-- Yorgos
[1] https://github.com/NLnetLabs/unbound/pull/1406
On 22/09/2025 15:25, Erwan David via Unbound-users wrote:
> Hello,
>
> having upgraded to unbound 1.24, I find that since my server knows TL1.3, TLS1.2 is disabled.
> But I have old Android 10 clients (not possible to upgrade) which cannot do 1.3 for the "private DNS" feature, which is,
> as far as I know, the only way to specify a DNS to an android device not given by the local network.
>
> What can I have as a solution for those old clients (perfectly functionals for their use, so buying new dvices would be seen as a waste)
>
More information about the Unbound-users
mailing list