Callum Guy wrote:
> Hi All,
> I'm currently looking at hardening my FreeIPA server as part of a PCI
> assessment.
> I am hoping to be able to fix PKI (ports 8443) and SLAPD (LDAPS) to use
> only TLS1.2 - both currently support TLS1.0 and unfortunately that is
> non-compliant for my environment.
> Also i'm very much hoping not to break my installation!
> Does anyone have experience in this area?

It depends very much on what version you are running but see for inspiration.


Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to