Jeff Hallyburton wrote:
> Hi,
> 
> We're also seeing that the free-ipa web-portal is using TLS 1.2 by
> default, which is being flagged as insecure / obsolete.  This also seems
> to be causing some clients (some instances of Chrome) to fail logins:
> 
> [Fri Jan 29 18:34:26.638350 2016] [:error] [pid 6603] SSL Library Error:
> -12286 No common encryption algorithm(s) with client
> 
> 
> What do we need to do to update this to TLS 1.3?

TLS 1.2 insecure/obsolete? Flagged by what? Need more info on what the
handshake looks like and what the server configuration is.

AFAIK 1.3 is still in draft form.

rob

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to