> Le 22 févr. 2022 à 17:48, Quanah Gibson-Mount <[email protected]> a écrit :
> --On Tuesday, February 22, 2022 9:45 AM +0100 Frédéric Goudal
> <[email protected]> wrote:
>
>> Hello,
>>
>> For a legacy application we need to drop the ssl version available on our
>> openldap server.
>>
>> Currently it supports TLSv1.2, checked with nmap --script
>> ssl-enum-ciphers -p 636 host
>>
>> What ever value I put on olcTLSProtocolmin the ssl version does not
>> change… I have tried 3.0 3.1 3.2…
>>
>> What do I miss ?
>> Or is it a feature ?
>
> What SSL library is your OpenLDAP linked to?
From what I see in config.status
D["HAVE_OPENSSL_SSL_H"]=" 1"
D["HAVE_OPENSSL"]=" 1"
ii libssl-dev:amd64 1.1.1f-1ubuntu2.9
amd64 Secure Sockets Layer toolkit - development files
ii libssl1.1:amd64 1.1.1f-1ubuntu2.9
amd64 Secure Sockets Layer toolkit - shared libraries
f.g.
—
Frédéric Goudal
Ingénieur Système, DSI Bordeaux-INP
+33 556 84 23 11
