--On Sunday, November 14, 2021 9:36 PM +0000 "Ballem, Narayanan" <Narayanan.Ballem(a)Staples.com&gt; wrote: Yes. You will need to consult the GnuTLS documentation. The slapd man page clearly states that the TLSProtocolMin option is ignored when linked to GnuTLS. I generally advise linking to OpenSSL for a number of different reasons. I believe with GnuTLS you do this via the TLSCipherSuite option to slapd. See also <https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/...;. One example from Exim sets the cipher suites to: NORMAL:!VERS-SSL3.0 so that may be of help. See also the slapd.conf(5) man page section on TLSCipherSuite for the GnuTLS command line to print out relevant information. This ticket may also be helpful: <https://mod.gnutls.org/ticket/29> --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>