On 29 Mar 2016, at 14:29, Adam Bishop <adam.bis...@jisc.ac.uk> wrote:
> I could use a bit of help resolving this - full client debug follows. Both
> systems are running nss 3.19.1 which *should* support TLS1.2., so I'm unsure
> where to start fixing this.
Turns out to be a little easier to solve than I thought; the CentOS 6 client
was running an older version of NSS than I thought it was.
ipa-client-3.0.0-47.el6.centos.1.x86_64 defaults to requiring tls1.2 , but does
not depend on a version of NSS that actually supports tls1.2.
Manually installing an updated version of NSS has resolved the problem.
Jisc is a registered charity (number 1149740) and a company limited by
guarantee which is registered in England under Company No. 5747339, VAT No. GB
197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol,
BS2 0JA. T 0203 697 5800.
Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited
by guarantee which is registered in England under company number 2881024, VAT
number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill,
Bristol BS2 0JA. T 0203 697 5800.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project