IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
c7500220c443c6051178211eadd64392ca7bd08a
freeipa/ipaplatform/debian
History
Christian Heimes b57c818fab Use only TLS 1.2 by default 
TLS 1.3 is causing some trouble with client cert authentication.
Conditional client cert authentication requires post-handshake
authentication extension on TLS 1.3. The new feature is not fully
implemented yet.

TLS 1.0 and 1.1 are no longer state of the art and now disabled by
default.

TLS 1.2 works everywhere and supports PFS.

Related: https://pagure.io/freeipa/issue/7667

Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2019-07-01 14:55:29 +02:00
..
__init__.py
ipaplatform: Add Debian platform module.
2017-01-19 16:45:42 +01:00
constants.py
named.conf: Disable duplicate zone on debian, and modify data dir
2018-05-29 17:03:56 +02:00
paths.py
Add helper to look for missing binaries
2019-04-26 12:47:51 +02:00
services.py
Debian: Use RedHatCAService for pki-tomcatd
2019-04-24 14:08:20 +02:00
tasks.py
Use only TLS 1.2 by default
2019-07-01 14:55:29 +02:00