I noticed this thing (not depended direcliy to tiny tiny rss, but openssl or curl/wget).
It’s possibile to change openssl configuration for ‘UnsafeLegacyServerConnect’, or ad an option for change it? For example Yonhap agency eng cause this error.
This stackoverflow similar question,
but tiny work in a containers.
This is a debug
[06:04:29/860] start
[06:04:29/860] running HOOK_FETCH_FEED handlers...
[06:04:29/860] === 0.0004 (sec) Af_Comics
[06:04:29/860] feed data has not been modified by a plugin.
[06:04:29/860] local cache will not be used for this feed
[06:04:29/860] last unconditional update request:
[06:04:29/860] maximum allowed interval for conditional requests exceeded, forcing refetch
[06:04:29/860]
[06:04:29/860]
[06:04:31/860] fetch done.
[06:04:31/860]
[06:04:31/860] server last modified:
[06:04:31/860] unable to fetch: ; 35 OpenSSL/3.1.0: error:0A000152:SSL routines::unsafe legacy renegotiation disabled [0]
fox
2
you can implement whatever insecure features you need with plugins (HOOK_FEED_FETCH, etc).
Long-term, contact the site admins and get them to enable "Support for RFC 5746 secure renegotiation ".
For a workaround, using curl directly, this solution worked for me:
i.e. OPENSSL_CONF=<path to>/openssl.cnf curl --verbose -L <url> resulted in a successful connection and some sort of content returned.
How to have that work for tt-rss is left as an exercise for the reader. You might just be happy to enable it globally for your tt-rss install, i.e. edit the openssl.cnf file for the docker image. Chances of a MITM attack causing issues with retrieving RSS feeds seem lower than for general web retrievals.
