Marcelo Carvalho via FreeIPA-users wrote: > I have downloaded and used cipherscan > > ./cipherscan.txt 127.0.0.1 > > I belie this does it. Correct?
You don't need to scan all the available ciphers unless you want to do that as well. If you just want to verify that the IPA servers have TLS listeners you can run: for port in 443 636 8443 do openssl s_client -connect `hostname`:$port < /dev/null done And verify in the output that all three ports had successful connections. It's still unclear what you're worried about. Are you concerned that someone actively disabled TLS? rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue