Christopher Lamb via FreeIPA-users wrote:
Hi All We operate an IPA Server version 4.2 on OEL 7.2. This installation supports RC4 Cipher Suites on port 443. I understand that this is the port accessed by IPA command line tools. How do I disable RC4? From the release notes for IPA 4.3.1, I see various changes removing support for RC4. So would upgrading our IPA Server to 4.3.1 or later (e.g. to 4.6.4) disable RC4? Or do I have to do a new install?
Upgrading will update the configuration.
rob
Christopher Lamb wrote:
Thanks Rob, that is good news. My original question was specific to port 443. Will the upgrade disable RC4 on all other ports used by IPA and its sub-components (e.g. DogTag, 389)
I believe those already defaulted to RC4 disabled so we didn't need to touch them.
rob
----- Original message ----- From: Rob Crittenden via FreeIPA-users <freeipa-users@lists.fedorahosted.org> To: FreeIPA users list <freeipa-users@lists.fedorahosted.org> Cc: Christopher Lamb <christopher.lamb@ch.ibm.com>, Rob Crittenden <rcritten@redhat.com> Subject: [Freeipa-users] Re: IPA Server SSL RC4 Cipher Suites on Port 443 Date: Tue, Jan 8, 2019 4:37 PM Christopher Lamb via FreeIPA-users wrote: > Hi All > > We operate an IPA Server version 4.2 on OEL 7.2. > > This installation supports RC4 Cipher Suites on port 443. I understand > that this is the port accessed by IPA command line tools. > > How do I disable RC4? > > From the release notes for IPA 4.3.1, I see various changes removing > support for RC4. So would upgrading our IPA Server to 4.3.1 or later > (e.g. to 4.6.4) disable RC4? > > Or do I have to do a new install? Upgrading will update the configuration. rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
freeipa-users@lists.fedorahosted.org