Securing Application 'X' with SSL/TLS in RHEL 'Y' ?

Updated -
This is the index page for a set of articles that describe how to configure applications that use cryptography. The aim is to present the recommended configurations and solutions that account for the currently known state of the security landscape. This article is part of the Securing Applications Collection
This is the index page for a set of articles that describe how to configure applications that use cryptography. The aim is to present the recommended configurations and solutions that account for the currently known state of the security landscape. Due to the fact that both protocol-level and implementation-levels flaws are exposed on a frequent basis both the recommended configurations and package versions are liable to change. It is a simple fact that anybody who runs a system that expects to maintain a reasonably high level of security should expect to have to update and adapt promptly in the face of new issues. Systems cannot simply be frozen at a given state and hope to remain secure.

Cryptographic Toolkits In Use

Crypto Toolkit RHEL7 RHEL6 RHEL5 RHEL4
openssl v1.0.1e v1.0.0 / v1.0.1e v0.9.8e v0.9.7a
NSS v3.15.4 - v3.21.3 v3.12.10 - v3.21.3 v3.11.5 - v3.21.3 v3.11.99 - v3.12.10
gnutls v3.1.19 - v3.3.24 v2.8.5 v1.4.1 v1.0.20

Application Setup

Application Using Crypto Toolkit RHEL7 RHEL6 RHEL5
Apache with mod_ssl openssl v2.4.6 v2.2.15 v2.2.3
Apache with mod_nss NSS v1.0.11 v1.0.10 v1.0.8
sendmail openssl v8.14.7 v8.14.4 v8.13.8
postfix openssl v2.10.1 v2.6.6 v.2.3.3
dovecot openssl v2.2.10 v2.0.9 v1.0.7
cyrus-imapd openssl v2.4.17 v2.3.16 v2.3.7
mysql/mariadb server openssl v5.5.41 v5.1.73 v5.0.95
mysql/mariadb client openssl v5.5.41 v5.1.73 v5.0.95
postgresql server openssl v9.2.10 v8.4.20 v8.1.23
postgresql clients openssl v9.2.10 v8.4.20 v8.1.23
openldap server openssl/NSS v2.4.39 v2.4.39 v2.3.43
openldap client openssl/NSS v2.4.39 v2.4.39 v2.3.43
libvirtd (libvirt/libvirt-daemon) gnutls v1.2.17 v0.10.2 NA

Testing Your Secured Connection

Some details on how to test the particular configuration of a secured service can be found on the Testing Secured Connections web page.

Additional Resources: Securing Identity Management

See Configuring TLS 1.2 for Identity Management in RHEL 6.9.

Was this helpful?

We appreciate your feedback. Leave a comment if you would like to provide more detail.
It looks like we have some work to do. Leave a comment to let us know how we could improve.
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.