[Freeipa-users] Problem with Sync. IPA and Active directory using an external CA server with key size of 4096
Alexander Bokovoy
abokovoy at redhat.com
Tue Feb 16 11:18:50 UTC 2016
On Tue, 16 Feb 2016, Mitra Dehghan wrote:
>Thanks for your response.
>
>My environment is:
>OS: Centos 6.7 - kernel 2.6.32-537.3.1
>NSS package: nss-3.19.1-3
>IPA version: 3.0.0-47
>389-ds-base version: 1.2.11.15-60
Ok, NSS fix is there as part of 3.19.1 rebase,
https://rhn.redhat.com/errata/RHSA-2015-1185.html
However, you need to work out ciphers in 389-ds-base configuration.
To see what could be done, install FreeIPA 4.x in CentOS 7 and compare
settings there in cn=config.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list