For SP6 the default version of openssl has changed from 1.1.1 to 3.1.4 (https://www.suse.com/support/kb/doc/?id=000019582). While this is a good step, some older clients can no longer connect to services on the machine, because TLS v1 is no longer supported. I noticed that optionally openssl 1.1.1 is still around, as confirmed by the packages list.
However, it is not easily possible to switch between installed openssl versions. Which you normally would expect that update-alternatives would provide an easy way to do that. However, while there are alternatives configured, like for Java, there is none for openssl.
I’d prefer using a safe method that the system is aware of. But even a brutal change like changing the binary of /usr/bin/openssl and the config file in /etc/ssl (along with changes in nginx/apache configs) did not have the desired effect.
I noticed there was a similar post in the past (https://forums.opensuse.org/t/switching-from-openssl-1-to-openssl-3/169916), where the OP wanted to go into the opposite direction, but there were no conclusive answers given.
With SP6 being around for some months, I’d have expected that others may have stumbled over this already. Who could help here?
Thanks,