Thanks for the quick solution! It fixed the problem for me. Best regards, Robert Hentsch-Jesse -----Ursprüngliche Nachricht----- Von: Freeradius-Users <freeradius-users-bounces+rhentsch-jesse=phoenixcontact.com@lists.freeradius.org> Im Auftrag von Alan DeKok Gesendet: Mittwoch, 9. Dezember 2020 17:16 An: freeradius users mailing list <freeradius-users@lists.freeradius.org> Betreff: Re: rlm_ldap: Limit accepted TLS versions on LDAPS ***External email! Do not click links or open attachments unless you recognize the sender and know the content is safe.***
On Dec 9, 2020, at 10:48 AM, Michael Ströder via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
On 12/9/20 3:36 PM, Alan DeKok wrote:
And the libldap API doesn't provide a way to say "require TLS 1.2"
How about using LDAP_OPT_X_TLS_PROTOCOL_MIN described in ldap_set_option(3)?
See commit e789729285e This should hopefully work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ....................................................................................... PHOENIX CONTACT Cyber Security GmbH Richard-Willstätter-Straße 6, 12489 Berlin, Germany Register Court: AG Charlottenburg, HR B 202908 Geschäftsführer/General Manager: Kilian Golm