On 22/03/2022 12:22, Alexander Bokovoy wrote:
On ti, 22 maalis 2022, lejeczek via FreeIPA-users wrote:
Hi guys.
With latest IPA on CentOS 9, ver 4.9.8 &
bind-9.16.23-1.el9.x86_64 - what would be a correct
(temporary) workaround for those records around the world
which are signed with "oldish" crypts?
Perhaps, try to use 'update-crypto-policies --set LEGACY'?
I thought slickest/safest - which I ended up doing - would
be exclude validation for given domain(s). (trying to make
it survive rpm updates)
Seems to work but I was not sure was it best best way.
thanks, L.
p.s. is the world ready for such hardened IPA/dns? I mean..
if paypal.com cannot keep up..
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
