Directory Server now supports enabling and disabling specific TLS versions
Previously, Directory Server running on Red Hat Enterprise Linux 6 provided no configuration options to enable or disable specific TLS versions. For example, it was not possible to disable the insecure TLS 1.0 protocol while keeping later versions enabled. This updates adds the
nsTLS12 parameters to the
cn=encryption,cn=config entry. As a result, it is now possible to configure specific TLS protocol versions in Directory Server.
Note, that these parameters have a higher priority than the
parameter, that enables or disables all TLS protocol versions. (BZ#1330758