How to disable medium ciphers in OpenLDAP
Server
The configuration file for the OpenLDAP server is:
/etc/openldap/slapd.conf
Add the following line to the TLS section and restart the slapd service to disable medium ciphers.
TLSCipherSuite HIGH:-SSLv2:-SSLv3
Client
Add the following lines to /etc/openldap/ldap.conf:
URI ldaps://ldapserver/
TLS_CACERT /etc/openldap/server.ca.pem
TLS_REQCERT demand
TLS_CIPHER_SUITE ECDHE-RSA-AES256-SHA384:AES256-SHA256:!RC4:HIGH:!MD5:!aNULL:!EDH:!EXP:!SSLV2:!eNULL
TLS_PROTOCOL_MIN 3.3
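One way to check the result of both changes, as an added example that is not part of the original page: the script reads the cipher string from a config file, expands it with openssl ciphers -v, and lists any suite that is still too weak. It assumes OpenLDAP is linked against OpenSSL and the openssl command-line tool is installed; the script name audit.sh, the function names and the list of rejected algorithms are this example's own choices.

```shell
#!/bin/sh
# Added example (not from the original page). Assumes OpenLDAP is linked
# against OpenSSL and the openssl command-line tool is installed.

# Print the value of the last uncommented occurrence of a directive.
get_directive() {   # usage: get_directive FILE NAME
    awk -v name="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(name) { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
        END { if (val != "") print val }' "$1"
}

# Read `openssl ciphers -v` lines on stdin and print every suite this example's
# policy (an assumption) rejects: no authentication, no encryption,
# RC4/RC2/DES/3DES/SEED/IDEA, or a key shorter than 128 bits.
# Exit status is 1 when at least one suite was flagged.
flag_weak() {
    awk 'NF >= 3 {
        enc = ""; au = ""
        for (i = 3; i <= NF; i++) {
            if ($i ~ /^Enc=/) enc = substr($i, 5)
            if ($i ~ /^Au=/)  au  = substr($i, 4)
        }
        alg = enc; bits = 0
        if (match(enc, /\([0-9]+\)/)) {
            bits = substr(enc, RSTART + 1, RLENGTH - 2) + 0
            alg  = substr(enc, 1, RSTART - 1)
        }
        why = ""
        if (au == "None")       why = "no authentication"
        else if (enc == "None") why = "no encryption"
        else if (alg ~ /^(RC4|RC2|DES|3DES|SEED|IDEA)$/) why = alg
        else if (bits < 128)    why = bits "-bit key"
        if (why != "") { print $1 ": " why; bad = 1 }
    } END { exit bad }'
}

# Expand the cipher string found in FILE and check the result.
audit_config() {    # usage: audit_config FILE DIRECTIVE
    suite=$(get_directive "$1" "$2")
    [ -n "$suite" ] || { echo "$1: $2 is not set" >&2; return 2; }
    list=$(openssl ciphers -v "$suite") || return 3
    printf '%s\n' "$list" | flag_weak
}

# e.g. sh audit.sh /etc/openldap/slapd.conf TLSCipherSuite
if [ "$#" -eq 2 ]; then audit_config "$1" "$2"; fi
```

Run it once per file: with TLSCipherSuite for slapd.conf and with TLS_CIPHER_SUITE for ldap.conf. No output and exit status 0 mean nothing was flagged.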