HI Team,
Hope you can help with this issue. I am trying to disable SSLV3 on OpenLDAP servers we are using OpenLDAP as a proxy with upstream Active directory servers. we are using CA certs on this openssl we would like to disable SSLV3. Based on earlier update from OpenLdap Technical support team, I added "TLSProtocolMin 3.2" and able to restart slapd service as well without any issue. However when we tried to test SSLV3 connectivity it's still showing SSLv3 enabled . This OpenLDAP server built on RHEL server with locally compiled and openssl rpm/binaries are part of base RHEL OS image. cat /opt/dirsvcs/etc/openldap/slapd.conf|grep -i TLSProtocolMin TLSProtocolMin 3.2 openssl s_client -connect localhost:1636 -ssl3 -quiet depth=3 CN = XXX Root Certificate Authority verify return:1 SSLV3 is insecure as you know we are looking to disable this asap . Any help in addressing this much appreciated. Thanks Narayanan Linux Platform Engineering 500 Staples Drive, Framingham MA Office: 508-253-6909 | Mobile: 508-333-4395 [signature_1767107679]
