Fixed
It turns out that the gnutls library installed on the system was
somehow damaged.
It took the installation of gnutls-cli to list supperted protocols and ciphers.
I had to yum reinstall gnutls to fix it.
Now the ssl.conf has:
[Service]
Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:-VERS-SSL3.
Sure did!
I am even playing with different options (including NONE) and it seems
to ignore the contents of ssl.conf
I have tried
Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:+TLS1.2:!TLS1.1:!TLS1.0:!ECDHE-RSA-AES256-SHA:
Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:+TLS1.2:!TLS1.1:!TLS1.0:!ECDHE-RSA-AES25
On Dec 27, 2019, at 16:28, Erick Perez - Quadrian Enterprises
wrote:
>
> [root@cockpit ~]# cat /etc/systemd/system/cockpit.service.d/ssl.conf
> Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1
>
> [root@cockpit ~]#
> [root@cockpit ~]# systemctl start cockpit
> [ro
rotocol : TLSv1.1
> Cipher:
>
> Cheers,
>
> Phil
>
> -Original Message-----
> From: Randal, Phil
> Sent: 27 December 2019 15:04
> To: 'CentOS mailing list'
> Subject: RE: [CentOS] Disabling TLS 1.1 in Centos 7 cockpit
>
> Try cr
st'
Subject: RE: [CentOS] Disabling TLS 1.1 in Centos 7 cockpit
Try creating /etc/system/system/cockpit.service.d/ssl.conf and putting this in
it:
[Service]
Environment=G_TLS_GNUTLS_PRIORITY=NORMAL:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1
Then
systemctl daemon-reload
systemctl restart cockp
Behalf Of Erick Perez - Quadrian
Enterprises
Sent: 27 December 2019 03:26
To: centos@centos.org
Subject: [CentOS] Disabling TLS 1.1 in Centos 7 cockpit
CAUTION: This email originated from outside of the organisation. Do not click
links or open attachments unless you recognise the sender and know the
Hi, I'm using cockpit in standard port 9090 in a Centos 7 system.
Due to a suggestion from management, they want TLS 1.1 disabled
system-wide in all Linux boxes and TLS 1.2 enabled.
I have not found proper documentation on how to disable it for cockpit
(version 195.1 ships with Centos 7)
So far I
7 matches
Mail list logo