How can I force CUPS in RHEL to use only TLS 1.2

Solution Verified - Updated -

Issue

  • Our company wants us to force everything to TLS 1.2, denying TLS 1.1, 1.0, and all SSL version on all ports which offer TLS encryption. I didn't find an option on how to force cupsd to 1.2.
  • Need a way to disable TLS 1.0, 1.1, SSLv1,2,3 leave only TLS1.2 enabled.

  • Nessus scan finds the following vulnerabilities on our CUPSD server.
    Could you, please, advise how to update cupsd configuration to fix them?

    42873    SSL Medium Strength Cipher Suites Supported              General    Medium
94437    SSL 64-bit Block Size Cipher Suites Supported (SWEET32)  General    Medium

Environment

  • Red Hat Enterprise Linux 6 and 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content