If you used the third method to enable weak ciphers on Zimbra in the previous article, this is my approach to enable it.
For example, I am using Ubuntu for compile OpenSSL
– Install the package to compile
sudo apt-get update && sudo apt-get upgrade -y sudo apt install build-essential make wget -y
– Get OpenSSL version that used by Zimbra
su - zimbra openssl version
In the latest Zimbra patch, the OpenSSL version used is 3.0.9
– Download the same version of OpenSSL
cd /srv/ wget -c https://www.openssl.org/source/old/3.0/openssl-3.0.9.tar.gz
– Extract and configure OpenSSL to Support Weak Ciphers and 3DES
tar -xvf openssl-3.0.9.tar.gz cd openssl-3.0.9 ./config enable-weak-ssl-ciphers enable-des shared --prefix=/opt/openssl-3.0.9 -Wl,-rpath=/opt/openssl-3.0.9/lib64 -DOPENSSL_TLS_SECURITY_LEVEL=0
– Compile OpenSSL
sudo make sudo make install
Please wait until the compilation process is complete
– Check the compiled openssl version
/opt/openssl-3.0.9/bin/openssl version
Below is the result
root@mail:~# /opt/openssl-3.0.9/bin/openssl version OpenSSL 3.0.9 30 May 2023 (Library: OpenSSL 3.0.9 30 May 2023)
Good luck 🙂