On 2/7/19 5:50 PM, Philip Colmer wrote: > I want to restrict the cipher suites used in OpenLDAP so that only > TLS1.2 is supported. > > Looking at https://openldap.org/doc/admin24/tls.html, I first tried > setting olcTLSCipherSuite to "HIGH" but the LDAP server gave an error 80 > and then stopped accepted further connections until I restarted it.
Attribute 'olcTLSCipherSuite' is for setting the cipher suites. You should rather set olcTLSProtocolMin: 3.3 Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature