NethServer Version: 7.8.2003
Module: base
Reading this post [Cockpit still using TLS 1.1] made me curious.
So I checked it and this turned out:
# config show tls
tls=configuration
policy=
And in cockpit I see this
Is it correct to leave it like that? or should i select one from the list?
Hoping to have no problems (I only use the active directory and zabbix to which I don’t have access with the default password)
https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/
TL;DR: TLS <1.2 is deprecated. Don’t use them.
Time to take a snapshot to be safe, and go for the Policy 2020-05-10
If a choose wrong, my fear is not being able to access the cockpit, if this is possible.
The warning says that “Default policy may use a weak encryption…”. And the docs customize the default policy as Policy 2018-03-30 for Apache
you can still go back, use ssh
config setprop tls policy ''
signal-event tls-policy-save
the only risk is if you use older browser/OS