OK, this is most bizarre issue,
I am trying to disable RC4 based TLS Cipher Suites in LDAPs(port 636) and
for the life of me cannot get it to work
I have followed many nearly identical instructions to create ldif file and
change "nsSSL3Ciphers" in "cn=encryption,cn=config". Seems simple enough -
and I get it to take, and during the startup I can see the right SSL Cipher
Suites listed in errors.log - but when it starts and I probe it, RC4
ciphers are still there. I am completely confused.
I tried setting "nsSSL3Ciphers" to "default" (which does not have "RC4")
and to old style cyphers lists(lowercase), and new style cypher
lists(uppercase), and nothing seems to make any difference.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project