Hi Guys, My packages: 389-ds-base1.4.2.8-20200414gitfae920fc8.el8.x86_64 openssl-1.1.1c-2.el8.x86_64
I'm trying to set tls-protocol-min to TLS 1.0 but it's not working, I used dsconf and ldapmodify like this: dn: cn=encryption,cn=config changetype: modify replace: sslVersionMin sslVersionMin: TLS1.1 - replace: sslVersionMax sslVersionMax: TLS1.2 Also tried to set on variables like this: nsTLS11: on nsTLS10: on dsconf RNP security set --tls-protocol-min="TLS1.0" Set Allow Weak Ciphers to on, but seems to be related to ssl3 and not TLS. Change cipher suite to all All commands seems to works, also modify my dse.ldif but When I start my 389: [28/Apr/2020:23:10:58.855549735 -0300] - INFO - Security Initialization - slapd_ssl_init2 - Configured SSL version range: min: TLS1.1, max: TLS1.2 [28/Apr/2020:23:10:58.858132149 -0300] - INFO - Security Initialization - slapd_ssl_init2 - NSS adjusted SSL version range: min: TLS1.2, max: TLS1.2 This last try was setting to --tls-protocol-min="TLS1.1" Thanks Alberto Viana
_______________________________________________ 389-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
