Hello,
regarding this issue there are bugs opened: https://bugzilla.redhat.com/show_bug.cgi?id=1249092 https://bugzilla.redhat.com/show_bug.cgi?id=1249093 https://bugzilla.redhat.com/show_bug.cgi?id=1375432
For further information, please, contact Red Hat Support.
I think this ITS case may be closed now as it is Red Hat specific.
Regards.
Gaurav Swami swamigaurav90@gmail.com writes:
Hello,
I have Redhat 6 where am trying to disable TLSv1.0 protocol.I have tried below configuration
RHEL6
[root@ldap1 ~]# rpm -qa | grep -we openldap -we openssl -we nss krb5-pkinit-openssl-1.10.3-10.el6_4.6.x86_64 openldap-servers-2.4.40-12.el6.x86_64 nss-util-3.21.0-2.el6.x86_64 nss-3.21.0-8.el6.x86_64 openssl-devel-1.0.1e-48.el6_8.1.x86_64 openssl-1.0.1e-48.el6_8.1.x86_64 openldap-clients-2.4.40-12.el6.x86_64 nss-softokn-freebl-3.14.3-23.3.el6_8.x86_64 nss-sysinit-3.21.0-8.el6.x86_64 nss-tools-3.21.0-8.el6.x86_64 openldap-2.4.40-12.el6.x86_64
nss-softokn-3.14.3-23.3.el6_8.x86_64
RHEL6 Configuration
TLSProtocolMin 3.2 TLSCipherSuite HIGH
But still when I ran third party tool to check offered protocol am getting
--> Testing protocols (via sockets except TLS 1.2 and SPDY/NPN)
SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 offered TLS 1.1 offered TLS 1.2 offered (OK) SPDY/NPN not offered
--> Testing ~standard cipher lists
TLSv1.0 is still offered ,I want to disable TLSv1.0 also
Any suggestiosn?
-- Thanks & Regards, **Gaurav Swami**