How can I force CUPS in RHEL to use only TLS 1.2

Solution In Progress - Updated -

Issue

  • Our company wants us to force everything to TLS 1.2, denying TLS 1.1, 1.0, and all SSL version on all ports which offer TLS encryption. I didn't find an option on how to force cupsd to 1.2.
  • Need a way to disable TLS 1.0, 1.1, SSLv1,2,3 leave only TLS1.2 enabled.
  • Nessus scan finds the following vulnerabilities on our CUPSD server.
    Could you, please, advise how to update cupsd configuration to fix them?

    42873    SSL Medium Strength Cipher Suites Supported              General    Medium
    94437    SSL 64-bit Block Size Cipher Suites Supported (SWEET32)  General    Medium
    

Environment

  • Red Hat Enterprise Linux 6 and 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.