On 11/16/2020 2:30 AM, Stuart Henderson wrote:
Yes OpenLDAP is broken with TLS 1.3 server-side unless you have that commit (or build LibreSSL with TLS 1.3 server support disabled). As far as I can tell there's no method to disable TLS 1.3 via config.
Hmm, yah, you can disable old versions, but I don't think there is any way to disable newer ones.
