Page MenuHomePhabricator
Create Task
Maniphest T329218

LDAP connections use TLSv1.0 and TLSv1.1
Open, LowPublic
Actions

Description

ldap and ldap-codfw1dev seem to be accepting TLSv1.0 and TLSv1.1. This is not in line with our HTTPS guidelines and should be fixed.

brett@seaborgium:~$ curl --tls-max 1.1 localhost:636
curl: (52) Empty reply from server
brett@seaborgium:~$ curl --tls-max 1.0 localhost:636
curl: (52) Empty reply from server
brett@cloudservices2004-dev:~$ curl localhost:636 --tls-max 1.1
curl: (52) Empty reply from server
brett@cloudservices2004-dev:~$ curl localhost:636 --tls-max 1.0
curl: (52) Empty reply from server

Related Objects

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL