Re: OpenLDAP on Debian 11: missing TLS ciphers?

30 Jul 2022


      Am 30.07.22 um 20:46 schrieb Jochen Keutel:
...
We did run into this issue because some special devices (e.G. Cisco Prime Collaboration Assurance) cannot connect to the new OpenLDAP server. The server logfile states: TLS handshake: negotiation failure. It's not yet clear whether they really can "speak" only Camellia ...
it's called "openssl security level". Debian 11 defaults to seclevel=2, camellia cipher are available in the seclevel=1
$ grep PRETTY_NAME /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
$ openssl ciphers -v | grep -i camellia | wc -l
0
$ openssl ciphers -v 'ALL;@SECLEVEL=1' | grep -i camellia | wc -l
28
Andreas

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: OpenLDAP on Debian 11: missing TLS ciphers?