Callum Guy wrote:
> Hi All,
> I'm currently looking at hardening my FreeIPA server as part of a PCI
> I am hoping to be able to fix PKI (ports 8443) and SLAPD (LDAPS) to use
> only TLS1.2 - both currently support TLS1.0 and unfortunately that is
> non-compliant for my environment.
> Also i'm very much hoping not to break my installation!
> Does anyone have experience in this area?
It depends very much on what version you are running but see
https://access.redhat.com/articles/2801181 for inspiration.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project