On 8/14/19 4:21 PM, Brian Sullivan wrote: > We have a requirement to not allow negotiation of TLS version to go > below 1.2. Is there a way to configure TLS so that it will only > negotiate version 1.2 or above?
It looks like we don't support that explicitly.. You could probably work something around by tuning the allowed ciphers, but I guess an option to to select the TLS versions allowed, like ssl_protocols in nginx or SSLProtocol in Apache HTTPD, would make sense as well. Best regards, -- Remi Gacogne PowerDNS.COM BV - https://www.powerdns.com/
Description: OpenPGP digital signature
_______________________________________________ dnsdist mailing list firstname.lastname@example.org https://mailman.powerdns.com/mailman/listinfo/dnsdist