Jeff Hallyburton wrote: > Hi, > > We're also seeing that the free-ipa web-portal is using TLS 1.2 by > default, which is being flagged as insecure / obsolete. This also seems > to be causing some clients (some instances of Chrome) to fail logins: > > [Fri Jan 29 18:34:26.638350 2016] [:error] [pid 6603] SSL Library Error: > -12286 No common encryption algorithm(s) with client > > > What do we need to do to update this to TLS 1.3?
TLS 1.2 insecure/obsolete? Flagged by what? Need more info on what the handshake looks like and what the server configuration is. AFAIK 1.3 is still in draft form. rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
