PR - Issue 49395 - Set the default TLS version min to TLS1.2 #3880

389-ds-bot · 2020-09-13T08:52:42Z

Cloned from Pagure Pull-Request: https://pagure.io/389-ds-base/pull-request/50826

Created at 2020-01-16 16:32:01 by mreynolds (@mreynolds389)
Merged at 2020-01-17 01:42:59

Description:

On fedora the NSS default minimum is still TLS1.0, we need to force the default min to be TLS1.2 unless explicitly set using sslVersionMin in cn=encryption,cn=config entry.

This is also to comply with our healthcheck tool that complains about TLS1.0 min setting.

relates: Resolves: #2454

389-ds-bot · 2020-09-13T08:52:44Z

Comment from firstyear (@Firstyear) at 2020-01-17 01:15:26

ACK, great change :)

389-ds-bot · 2020-09-13T08:52:45Z

Comment from mreynolds (@mreynolds389) at 2020-01-17 01:42:17

rebased onto e034c29

389-ds-bot · 2020-09-13T08:52:46Z

Comment from mreynolds (@mreynolds389) at 2020-01-17 01:42:59

Pull-Request has been merged by mreynolds389

389-ds-bot · 2020-09-13T08:52:47Z

Patch
50826.patch

389-ds-bot added merged Migration flag - PR pr Migration flag - PR labels Sep 13, 2020

389-ds-bot closed this as completed Sep 13, 2020

389-ds-bot mentioned this issue Sep 13, 2020

Raise min TLS version to 1.2 #2454

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

PR - Issue 49395 - Set the default TLS version min to TLS1.2 #3880

PR - Issue 49395 - Set the default TLS version min to TLS1.2 #3880

389-ds-bot commented Sep 13, 2020 •

edited

389-ds-bot commented Sep 13, 2020

389-ds-bot commented Sep 13, 2020

389-ds-bot commented Sep 13, 2020

389-ds-bot commented Sep 13, 2020

PR - Issue 49395 - Set the default TLS version min to TLS1.2 #3880

PR - Issue 49395 - Set the default TLS version min to TLS1.2 #3880

Comments

389-ds-bot commented Sep 13, 2020 • edited

389-ds-bot commented Sep 13, 2020

389-ds-bot commented Sep 13, 2020

389-ds-bot commented Sep 13, 2020

389-ds-bot commented Sep 13, 2020

389-ds-bot commented Sep 13, 2020 •

edited