Ce contenu n'est pas disponible dans la langue sélectionnée.

9.6. Setting the Minimum TLS Encryption Protocol Version

By default, Directory Server sets sslVersionMin parameter automatically based on the system-wide crypto policy. The following table provides an overview of the TLS version in sslVersionMin Directory Server uses based on the system-wide crypto policy profile:

Table 9.2. Overview of System-wide Crypto Policy Profiles and the Minimum TLS Version They Define
Profile	Minimum TLS Version
`DEFAULT`	TLS 1.2
`FUTURE`	TLS 1.2
`FIPS`	TLS 1.2
`LEGACY`	TLS 1.0

For further details about system-wide crypto policy, how to change the profile, and opting-out services of system-wide crypto policies, see the Using system-wide cryptographic policies section in the RHEL 8 Security Hardening guide.

Alternatively, you can manually set sslVersionMin to higher value than the one defined in the crypto policy profile:

# dsconf -D "cn=Directory Manager" ldap://server.example.com security set --tls-protocol-min="TLS1.3"

Ce contenu n'est pas disponible dans la langue sélectionnée.

9.6. Setting the Minimum TLS Encryption Protocol Version

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Rendre l’open source plus inclusif

À propos de Red Hat

Red Hat legal and privacy links

Red Hat legal and privacy links