Hi, OpenLDAP seems to support an undocumented configuration parameter "TLSProtocolMin" when linked against OpenSSL. It allows to set the minimum SSL/TLS protocol version: * TLSProtocolMin 768 # (3 << 8) disables SSLv2 * TLSProtocolMin 769 # ((3 << 8)+1) disables SSLv2 and SSLv3 As there's no documentation for TLSProtocolMin: Is this feature ready for production or is it experimental?
Please file an ITS about its lack of documentation: http://www.openldap.org/its
--Quanah -- Quanah Gibson-Mount Lead Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration