On 2/7/19 5:50 PM, Philip Colmer wrote:
> I want to restrict the cipher suites used in OpenLDAP so that only
> TLS1.2 is supported.
>
> Looking at https://openldap.org/doc/admin24/tls.html, I first tried
> setting olcTLSCipherSuite to "HIGH" but the LDAP server gave an error 80
> and then stopped accepting further connections until I restarted it.

Attribute 'olcTLSCipherSuite' is for setting the cipher suites.
You should rather set

olcTLSProtocolMin: 3.3

Ciao, Michael.
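
The setting suggested above, written out as an LDIF change for the `cn=config` entry. This is an added example, not part of the original message; it assumes the server uses the dynamic `cn=config` backend and that the change is applied with `ldapmodify` by an identity allowed to write to `cn=config`.

```ldif
# Constructed example: raise the minimum protocol version on the
# global configuration entry. The value is the SSL/TLS wire version:
#   3.1 = TLS 1.0, 3.2 = TLS 1.1, 3.3 = TLS 1.2
# olcTLSCipherSuite is left untouched; it selects cipher suites,
# not protocol versions.
dn: cn=config
changetype: modify
replace: olcTLSProtocolMin
olcTLSProtocolMin: 3.3
```

To confirm the result, `openssl s_client -connect ldap.example.com:636 -tls1_1` (placeholder host name) should fail the handshake, while the same command with `-tls1_2` should succeed.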