IDM: Decreased security in httpd when using deprecated TLS protocol version (PCI DSS)
Issue
- Insights complains about deprecated TLS protocol version on a vanilla IDM install
"Decreased security in httpd when using deprecated TLS protocol version (PCI DSS)"
- Config
# grep NSSProtocol /etc/httpd/conf.d/nss.conf
NSSProtocol TLSv1.0,TLSv1.1,TLSv1.2
- TLSv1 and TLSv1.1 should not be allowed.
Environment
- Red Hat Enterprise Linux 7.4
- IdM
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.