Hello,
I installed a new version of 389:
389-Directory/1.3.4.8 B2016.063.1654
And I'm getting these warnings:
[30/Mar/2016:10:47:39 -0300] - SSL alert: Found unsecure configuration: nsSSL3: on; We strongly recommend to disable nsSSL3 in cn=encryption,cn=config.
[30/Mar/2016:10:47:39 -0300] - SSL alert: Configured range: min: TLS1.0, max: TLS1.2; but both nsSSL3 and nsTLS1 are on. Respect the supported range.
I already disabled nsSSL2 and nsSSL3:
dn: cn=encryption,cn=config
changetype: modify
replace: nsSSL2
nsSSL2: off
-
replace: nsSSL3
nsSSL3: off
-
replace: nsTLS1
nsTLS1: on
and confirmed that my server is only accepting TLS connections
Also tried to delete nsssl3ciphers:
dn: cn=encryption,cn=config
changetype: modify
delete: nsssl3ciphers
But it comes back.
Why I'm still getting these warnings even after to disable nsSSL2 and nsSSL3?
Thanks
Alberto Viana
-- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
