Thank you for the information, & I am not sure what images were attached, sorry about
From: Quanah Gibson-Mount <quanah(a)symas.com>
Sent: Tuesday, April 13, 2021 2:13 PM
To: CLARKE, ED C <ec4397(a)att.com>; openldap-technical(a)openldap.org
Subject: Re: Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0.
--On Tuesday, April 13, 2021 7:56 PM +0000 "CLARKE, ED C"
In the future, please do not attach images to your email.
I am having trouble disabling TLS1.0 on my OpenLdap and enabling TLS
1.2 & 1.3, below are the scan results:
• Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0.
• "Consult the application's documentation to disable SSL 2.0 and 3.0.
• Use TLS 1.2 (with approved cipher suites) or higher instead."
• "Ports found: 389
• TLSv1 is enabled and the server supports at least one cipher."
• Info for my LDAP
• $ rpm -qa | grep ldap
OpenLDAP in RHEL7 is linked to the OpenSSL 1.0.2 which does not have support for TLS1.3.
So the latest version you can access with your build is TLS 1.2.
I suggest reading the slapd.conf(5) or slapd-config(5) man page, which clearly documents
how to set a minimum TLS protocol for the slapd server.
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: