IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-13 09:41:55 -06:00
Code Issues Packages Projects Releases Wiki Activity
952dd2a50f
freeipa/ipaplatform/debian
History
Christian Heimes b57c818fab Use only TLS 1.2 by default 
TLS 1.3 is causing some trouble with client cert authentication.
Conditional client cert authentication requires post-handshake
authentication extension on TLS 1.3. The new feature is not fully
implemented yet.

TLS 1.0 and 1.1 are no longer state of the art and now disabled by
default.

TLS 1.2 works everywhere and supports PFS.

Related: https://pagure.io/freeipa/issue/7667

Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2019-07-01 14:55:29 +02:00
..
__init__.py ipaplatform: Add Debian platform module. 2017-01-19 16:45:42 +01:00
constants.py named.conf: Disable duplicate zone on debian, and modify data dir 2018-05-29 17:03:56 +02:00
paths.py Add helper to look for missing binaries 2019-04-26 12:47:51 +02:00
services.py Debian: Use RedHatCAService for pki-tomcatd 2019-04-24 14:08:20 +02:00
tasks.py Use only TLS 1.2 by default 2019-07-01 14:55:29 +02:00