Re-Enable TLS 1.0 for OpenSSL-based Clients on Debian Buster

OpenSSL shipped with Debian 10 „Buster“ disables TLS protocol versions below 1.2. The web-browsers Chromium and Firefox ship with an embedded SSL implementation and are not affected (they will issue warnings about legacy websites), but it can cause problems with curl, Squid and other clients that are linked against the OpenSSL of the distribution.

To re-enable TLS version 1.0 for OpenSSL, change /etc/ssl/openssl.cnf as follows :

# MinProtocol = TLSv1.2
MinProtocol = TLSv1.0