--On Sunday, November 14, 2021 9:36 PM +0000 "Ballem, Narayanan"
I modified the file as per the base but no luck with that.
When I look TLS library which slapd program it's looks like it's using
gnutls . Do I need to configure in different way for GNUTLS for TLS
version in slapd.
Yes. You will need to consult the GnuTLS documentation. The slapd man
page clearly states that the TLSProtocolMin option is ignored when linked
to GnuTLS. I generally advise linking to OpenSSL for a number of different
reasons. I believe with GnuTLS you do this via the TLSCipherSuite option
to slapd. See also
One example from Exim sets the cipher suites to: NORMAL:!VERS-SSL3.0
so that may be of help. See also the slapd.conf(5) man page section on
TLSCipherSuite for the GnuTLS command line to print out relevant
This ticket may also be helpful: <https://mod.gnutls.org/ticket/29>
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: