TLS Policy is the default and config doesn't show any


NethServer Version: 7.8.2003
Module: base

Reading this post [Cockpit still using TLS 1.1] made me curious.

So I checked it and this turned out:

# config show tls

And in cockpit I see this

Is it correct to leave it like that? or should i select one from the list?

Hoping to have no problems (I only use the active directory and zabbix to which I don’t have access with the default password)

TL;DR: TLS <1.2 is deprecated. Don’t use them.

Time to take a snapshot to be safe, and go for the Policy 2020-05-10
If a choose wrong, my fear is not being able to access the cockpit, if this is possible.

The warning says that “Default policy may use a weak encryption…”. And the docs customize the default policy as Policy 2018-03-30 for Apache

you can still go back, use ssh

config setprop tls policy ''
signal-event tls-policy-save

the only risk is if you use older browser/OS

1 Like