OK, this is most bizarre issue, I am trying to disable RC4 based TLS Cipher Suites in LDAPs(port 636) and for the life of me cannot get it to work
I have followed many nearly identical instructions to create ldif file and change "nsSSL3Ciphers" in "cn=encryption,cn=config". Seems simple enough - and I get it to take, and during the startup I can see the right SSL Cipher Suites listed in errors.log - but when it starts and I probe it, RC4 ciphers are still there. I am completely confused. I tried setting "nsSSL3Ciphers" to "default" (which does not have "RC4") and to old style cyphers lists(lowercase), and new style cypher lists(uppercase), and nothing seems to make any difference. Any ideas? -M
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project