On 11/25/2014 09:35 AM, Jan Cholasta wrote: > Dne 24.11.2014 v 15:59 Rob Crittenden napsal(a): ... >>> 2) Configure mod_nss to also support TLS 1.2. It should be done on both >>> server install and upgrade. This requires a new version of mod_nss. >> >> mod_nss 1.0.10 in F-21 and rawhide should both support TLS 1.2 today. >> >> mod_nss is also very tolerant of bad/unknown protocols. It won't blow up >> on unknown protocols. >> >> So if the given mod_nss doesn't support TLSv1.2 it will simply report an >> error about an unknown protocol and configure the server for 1.0/1.1 if >> configured as: >> >> NSSProtocol TLSv1.0,TLSv1.1,TLSv1.2 > > The attached patch 379 fixes this.
Works for me, ACK! Pushed to: master: bef1d18878118aea379659bb10d78c1e955b0b63 ipa-4-1: dc443cc4503822cb35c3693e5e525425573140f2 Martin _______________________________________________ Freeipa-devel mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-devel