Thank you, I managed to get Apache ProxyPass working and pointed "/monit" to localhost:2812 and this works great.
On Sat, Aug 20, 2016 at 1:46 PM, Phil Townes <[email protected]> wrote: > Would proxying :2812 via Apache or nginx work for you? You'd then have > total control over TLS versions and cipher suites. > > On some servers I've got :2812 set to only be accessible to localhost, and > then set up a SSH tunnel to 2812 when I need to access monit. I figure if > the port isn't listening on an accessible network interface you can't be in > breach of compliance requirements. > > Hope that helps. > Phil > > On 20 Aug 2016 20:21, "Jeremey Hustman" <[email protected]> wrote: > >> Is there a way to disable tlsv1.0? In my montirc I have >> >> set ssl { >> verify: enable, >> version: tlsv11, >> version: tlsv12 >> } >> >> But still TLSv1.0 is enabled, and adding -tlsv10 (like in apache) doesn't >> work. >> >> To be able to pass PCI Compliance on this particular server I need to >> disable this on this specific port (2812) >> >> Thank you, >> -- >> Jeremey >> >> >> -- >> To unsubscribe: >> https://lists.nongnu.org/mailman/listinfo/monit-general >> > > -- > To unsubscribe: > https://lists.nongnu.org/mailman/listinfo/monit-general > -- Jeremey http://www.childsupportreformnow.com/
-- To unsubscribe: https://lists.nongnu.org/mailman/listinfo/monit-general
