ECC certificates and TLS policy 2018-06-21


(Davide Principi) #1

A new TLS policy is available: 2018-06-21.

  • The slapd service (local LDAP accounts provider) is now protected against POODLE if the new policy is enabled
  • The Server Manager now sanitizes the uploaded certificates, by appending EOL if missing /thanks @Stll0
  • It is now possible to upload a sci-fi ECC certificate with Server Manager
  • The new policy allows to select an ECC certificate as system-wide default /thanks @stephdl

See also the manual:

http://docs.nethserver.org/en/latest/tlspolicy.html#policy-2018-06-21

This feature was discussed here /thanks @danb35


Default TLS policy doesn't allow connections with ECC certificate