[PVE-User] Change pveproxy to tls1.2
Dietmar Maurer
dietmar at proxmox.com
Tue Dec 2 14:11:20 CET 2014
> It's hardcoded but works perfectly (I guess until next upgrade, but anyway).
>
> A way how to disable sslv3 and support tls1.2 and 1.1 is that:
>
> Edit file /usr/bin/pveproxy
> Find "method => "tlsv1", comment it out.
> Now "ssleay" supports all tls versions and ssl versions.
> It's relatively easy to disable sslv3 by adding a line
>
> "sslv3 => 0,"
just committed a fix for that:
https://git.proxmox.com/?p=pve-manager.git;a=commitdiff;h=f6bc4a73d0f252bbae1d5a769068351ed1cc33a1
I disabled both - just to be sure:
+ sslv2 => 0,
+ sslv3 => 0,
More information about the pve-user
mailing list