search for: tls1.1

Sure did! I am even playing with different options (including NONE) and it seems to ignore the contents of ssl.conf I have tried Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:+TLS1.2:!TLS1.1:!TLS1.0:!ECDHE-RSA-AES256-SHA: Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:+TLS1.2:!TLS1.1:!TLS1.0:!ECDHE-RSA-AES256-SHA Environment=G_TLS_GNUTLS_PRIORITY=PFS

On Fri, 25 Mar 2016 16:50, Eero Volotinen wrote: > > Stop paranoia? Tlsv1.0 is not recommended when storing credit card data. > > Eero > Hi List, > > Does anyone know why the above URL is still using TLS V1.0. > > I can't connect to it unless I enable TLS V1.0 which I was under the > impression that it should not be used > anymore. > > Thanks for any

Thanks, Randal for the response. But it did not work. Here the results: #yum info cockpit Name : cockpit Arch : x86_64 Version : 195.1 Release : 1.el7.centos.0.1 Size : 51 k Repo : installed >From repo : extras Summary : Web Console for Linux servers URL : https://cockpit-project.org/ License : LGPLv2+ [root at cockpit ~]# cat

The openssl library in Debian unstable (targeting Buster) supports TLS1.2 by default. The library itself supports also TLS1.1 and TLS1.0. If the admin decides to also support TLS1.[01] users he can then enable the lower protocol version in case the users can't update their system. Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> --- src/config/all-settings.c

On 25.03.2016 17:29, Eero Volotinen wrote: >> @Eero: IMHO you are missing some points here. There are more and more >> browsers that are unable to use SSL{2,3} as well as TLS1.0, not just >> disabled via config, but this decission was made at compile time. >> Newer Android and Apple-iOS devices for example. >> >> > This is not true. it works fine with latest

On 27 August 2017 08:32:06 CEST, Timo Sirainen <tss at iki.fi> wrote: >> DEF(SET_STR, ssl_protocols), >> DEF(SET_STR, ssl_cert_username_field), >> DEF(SET_STR, ssl_crypto_device), >> + DEF(SET_STR, ssl_lowest_version), > >Does it really require a new setting? Couldn't it use the existing >ssl_protocols setting? You need to set a minimal version.

Hi, I'm using cockpit in standard port 9090 in a Centos 7 system. Due to a suggestion from management, they want TLS 1.1 disabled system-wide in all Linux boxes and TLS 1.2 enabled. I have not found proper documentation on how to disable it for cockpit (version 195.1 ships with Centos 7) So far I have tried (https://cockpit-project.org/guide/149/https.html):

I'm running Dovecot 2.2.5 and want to make it refuse SSLv2, SSLv3 and TLSv1.0. Clients will opportunistically use TLS 1.1 and 1.2, but now I want require they do so. Is it enough to set ssl_cipher_list = HIGH:!SSLv2:!SSLv3:!TLSv1.0:!aNULL:!MD5 or are there additional settings I need to specify?

> @Eero: IMHO you are missing some points here. There are more and more > browsers that are unable to use SSL{2,3} as well as TLS1.0, not just > disabled via config, but this decission was made at compile time. > Newer Android and Apple-iOS devices for example. > > This is not true. it works fine with latest android and ios. I just tested it. > And the point is not that the

Oops, excuse my typo Create /etc/systemd/system/cockpit.service.d/ssl.conf containing [Service] Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1 Then systemctl daemon-reload systemctl restart cockpit To verify that TLS 1.1 is disabled, echo test | openssl s_client -connect localhost:9090 -tls1_1 2>&1 | grep -e Protocol -e Cipher The expected result is:

Hi List, Does anyone know why the above URL is still using TLS V1.0. I can't connect to it unless I enable TLS V1.0 which I was under the impression that it should not be used anymore. Thanks for any enlightenment. Steve --

On 01.10.2019 14:06, Rowland penny via samba wrote: > On 01/10/2019 12:51, Arkadiusz Karpi?ski wrote: >> >> On 30.09.2019 20:03, Rowland penny via samba wrote: >>> On 30/09/2019 18:06, akarpinski wrote: >>>> Samba version is 4.10.7 >>>> >>>> smb.conf: >>>> >>>> # Global parameters >>>> [global]

On Tue, Aug 02, 2016 at 02:56:26PM +0000, Olivier BONHOMME wrote: > Hello Tom, > > It's indeed an interesting way. I didn't think about something just disabled. I > browsed, gnutls rpm changelog and I saw this : > > * Thu May 3 2012 Tomas Mraz <tmraz at redhat.com> 2.8.5-7 > - more TLS-1.2 compatibility fixes (TLS-1.2 stays disabled by default) > > So

On Dec 27, 2019, at 16:28, Erick Perez - Quadrian Enterprises <eperez at quadrianweb.com> wrote: > > [root at cockpit ~]# cat /etc/systemd/system/cockpit.service.d/ssl.conf > Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1 > > [root at cockpit ~]# > [root at cockpit ~]# systemctl start cockpit > [root at cockpit ~]# systemctl status

On 26 Aug 2017, at 19.47, Sebastian Andrzej Siewior <sebastian at breakpoint.cc> wrote: > > The openssl library in Debian unstable (targeting Buster) supports > TLS1.2 by default. The library itself supports also TLS1.1 and TLS1.0. > If the admin decides to also support TLS1.[01] users he can then enable > the lower protocol version in case the users can't update their

On 2017-08-27 13:46, Sebastian Andrzej Siewior wrote: > On 27 August 2017 08:32:06 CEST, Timo Sirainen <tss at iki.fi> wrote: >>> DEF(SET_STR, ssl_protocols), >>> DEF(SET_STR, ssl_cert_username_field), >>> DEF(SET_STR, ssl_crypto_device), >>> + DEF(SET_STR, ssl_lowest_version), >> Does it really require a new setting? Couldn't it use the

On 5/31/20 11:54 AM, Aki Tuomi wrote: > >> On 31/05/2020 07:36 Mark Constable <markc at renta.net >> <mailto:markc at renta.net>> wrote: >> >> >> I currently use Ubuntu 20.04 with Dovecot 2.3.7.2 and OpenSSL 1.1.1f. >> >> A few months ago there was an update to all these systems and since >> then I've had to talk W7 and old Mac

You looking for something like this i think? Enable TLS1.2 ( and if supported TLS1.3) and allowes AES128 and EAS256. tls priority = SECURE256:+SECURE128:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0:-VERS-DTLS1.1 Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Robert Marcano via samba > Verzonden: dinsdag

Dovecot Users, I have a sudden new problem that has cropped up just recently and I am stumped. My implementation has been working for over a year with no issues. Version Data: Dovecot: v2.2.10 (using self signed certificates) openSSL: v1.01e Gmail Android App: v6.10.23 November 3, 2016 The issue: I use the iphone Gmail App to access my e-mail from phone and tablet. It is simple and supports

On Tue, Aug 02, 2016 at 02:13:31PM +0100, Tom Grace wrote: > On 02/08/2016 12:11, Olivier BONHOMME wrote: > > So my question is : Can lftp provided by CentOS (of course last version in the > > 6.x branch), do TLSv1.2 connection ? > It may not be related, but in the past I have needed to rebuild libNSS > and Curl in CentOS 6 due to an upstream patch the explicitly disabled