Re: [radsecproxy] Error while connecting using TLS 1.3
29 Nov
2019
29 Nov
'19
2:17 p.m.
just to confirm Ubuntu 16.04 - openssl 1.1.1 yes I can restrict TLS to 1.2
Rgds
alex
On Thu, 28 Nov 2019 at 13:03, Alex Sharaz <alex.sharaz(a)york.ac.uk> wrote:
Cool!
many thanks
On Thu, 28 Nov 2019 at 12:23, Fabian Mauchle <fabian.mauchle(a)switch.ch>
wrote:
> On 28.11.19, 13:00, "radsecproxy on behalf of Alex Sharaz" <
> radsecproxy-bounces(a)lists.nordu.net on behalf of alex.sharaz(a)york.ac.uk>
> wrote:
>
> Having a senior moment, how do you specify tls 1.2 in openssl.cfg ?
>
> Without having tested it, my latest Debian stable (buster) has in
> /etc/ssl/openssl.cnf:
>
> [system_default_sect]
> MinProtocol = TLSv1.2
>
> According to the openssl source code, there is also a 'MaxProtocol'
> option.
>
> BR,
> Fabian
>
>
> --
> SWITCH
> Fabian Mauchle, Network Engineer
> Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
> Phone +41 44 268 15 30, direct +41 44 268 15 39
> fabian.mauchle(a)switch.ch, http://www.switch.ch
>
>
>
>
Attachments:
- attachment.html (text/html — 1.9 KB)