[Bug 2115530] Re: Hardcoded OPENSSL_TLS_SECURITY_LEVEL=2 breaks MongoDB Atlas SSL connections
Ravi Kant Sharma
2115530 at bugs.launchpad.net
Mon Jun 30 09:14:44 UTC 2025
Hello, thank you for taking the time to report this bug and helping to
make Ubuntu better.
We will not remove the hardcoding to drop the security level.
Please see more on the topic here
https://www.feistyduck.com/library/openssl-cookbook/online/openssl-command-line/understanding-security-levels.html
https://documentation.ubuntu.com/server/explanation/crypto/openssl/
I found some links which can possibly help you to update the security
level in application or at runtime.
https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level
https://docs.openssl.org/1.1.1/man3/SSL_CTX_set_security_level/
** Changed in: openssl (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/2115530
Title:
Hardcoded OPENSSL_TLS_SECURITY_LEVEL=2 breaks MongoDB Atlas SSL
connections
Status in openssl package in Ubuntu:
Won't Fix
Bug description:
Ubuntu 24.04 OpenSSL package compiled with hardcoded
DOPENSSL_TLS_SECURITY_LEVEL=2 causes SSL handshake failures with MongoDB
Atlas.
Error: SSL routines:ssl3_read_bytes:tlsv1 alert internal error
(alert 80)
Impact: All MongoDB Atlas connections fail from Ubuntu 24.04 systems
Affects: mongosh, Node.js applications, Python pymongo, etc.
The hardcoded security level cannot be overridden at runtime, breaking
compatibility with legitimate cloud services.
Workaround: Install older libssl1.1 package
Suggested fix: Remove hardcoded security level or provide override
mechanism
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2115530/+subscriptions
More information about the foundations-bugs
mailing list