On 8/14/19 4:21 PM, Brian Sullivan wrote:
> We have a requirement to not allow negotiation of TLS version to go
> below 1.2. Is there a way to configure TLS so that it will only
> negotiate version 1.2 or above? 

It looks like we don't support that explicitly.. You could probably work
something around by tuning the allowed ciphers, but I guess an option to
to select the TLS versions allowed, like ssl_protocols in nginx or
SSLProtocol in Apache HTTPD, would make sense as well.

Best regards,
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

Attachment: signature.asc
Description: OpenPGP digital signature

dnsdist mailing list

Reply via email to