Re: Locking down ciphers in OpenLDAP with GnuTLS

7 Feb 2019


      On 2/7/19 5:50 PM, Philip Colmer wrote:
...
I want to restrict the cipher suites used in OpenLDAP so that only
TLS1.2 is supported.
Looking at https://openldap.org/doc/admin24/tls.html, I first tried
setting olcTLSCipherSuite to "HIGH" but the LDAP server gave an error 80
and then stopped accepted further connections until I restarted it.
Attribute 'olcTLSCipherSuite' is for setting the cipher suites.
You should rather set
olcTLSProtocolMin: 3.3
Ciao, Michael.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: Locking down ciphers in OpenLDAP with GnuTLS