I'm currently using stunnel with openssl 1.1.1 on a ubuntu 18.04.4, with only TLS 1.2 and I'm getting a F grade with ssllabs.
I have both CMC and GCM cipher suites.
Sometimes I get a A grade, sometimes a F. When I get a F grade, somtimes the server is affected by Zombie POODLE, Golden DOODLE & 0-length, and sometimes it is only affected by 0-length.
These vulnerabilities are not suppose to affect openssl 1.1.1 if I refer to NVD - CVE-2019-1559.
What am I missing to get a A or B grade ?