[Freeipa-users] IPA Web Portal using outdated ciphers, breaking with some clients
Rob Crittenden
rcritten at redhat.com
Fri Jan 29 19:36:48 UTC 2016
Jeff Hallyburton wrote:
> Hi,
>
> We're also seeing that the free-ipa web-portal is using TLS 1.2 by
> default, which is being flagged as insecure / obsolete. This also seems
> to be causing some clients (some instances of Chrome) to fail logins:
>
> [Fri Jan 29 18:34:26.638350 2016] [:error] [pid 6603] SSL Library Error:
> -12286 No common encryption algorithm(s) with client
>
>
> What do we need to do to update this to TLS 1.3?
TLS 1.2 insecure/obsolete? Flagged by what? Need more info on what the
handshake looks like and what the server configuration is.
AFAIK 1.3 is still in draft form.
rob
More information about the Freeipa-users
mailing list