[Freeipa-users] TLS 1.2 for PKI+SLAPD
Rob Crittenden
rcritten at redhat.com
Thu Apr 27 19:16:07 UTC 2017
Callum Guy wrote:
> Hi All,
>
> I'm currently looking at hardening my FreeIPA server as part of a PCI
> assessment.
>
> I am hoping to be able to fix PKI (ports 8443) and SLAPD (LDAPS) to use
> only TLS1.2 - both currently support TLS1.0 and unfortunately that is
> non-compliant for my environment.
>
> Also i'm very much hoping not to break my installation!
>
> Does anyone have experience in this area?
It depends very much on what version you are running but see
https://access.redhat.com/articles/2801181 for inspiration.
rob
More information about the Freeipa-users
mailing list