[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: undocumented TLSProtocolMin

--On Tuesday, July 23, 2013 1:11 PM +0200 Manuel Gaupp <mgaupp@googlemail.com> wrote:


OpenLDAP seems to support an undocumented configuration parameter
"TLSProtocolMin" when linked against OpenSSL. It allows to set the
minimum SSL/TLS protocol version:

* TLSProtocolMin 768   # (3 << 8) disables SSLv2
* TLSProtocolMin 769   # ((3 << 8)+1) disables SSLv2 and SSLv3

As there's no documentation for TLSProtocolMin:
Is this feature ready for production or is it experimental?

Please file an ITS about its lack of documentation: http://www.openldap.org/its



Quanah Gibson-Mount
Lead Engineer
Zimbra, Inc
Zimbra ::  the leader in open source messaging and collaboration