MarcJHuber/event-driven-servers

LDAP SSL/TLS version

Sparc0 opened this issue · 1 comments

Hi,
In our company they are deprecating TLS v1.1 in our AD servers.
After reading through the mavis Perl script, I guess there is some negotiation with the LDAP server to decide on the version to use, and Net::LDAP uses the default ones that IO::Socket::SSL uses.
So I should be fine when the day comes when they decide to just disable v1.1.

Would it be possible to update the mavis Perl script so that I could specify what versions are allowed myself?
https://metacpan.org/dist/perl-ldap/view/lib/Net/LDAP.pod#start_tls-(-OPTIONS-)

Hi,

the next commit will cover this issue by introducing a "TLS_OPTIONS" environment variable for setting Net::LDAP start_tls() options.

setenv TLS_OPTIONS = "sslversion => 'tlsv1_3'"

Cheers,

Marc
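
A client-side check that a restricted version list still negotiates once TLS 1.1 is disabled, as an added example (not part of this thread or of the mavis script). It assumes Net::LDAP hands `sslversion` through to IO::Socket::SSL as `SSL_version`, which accepts `!version` exclusions; `LDAP_HOST` and `LDAP_CAFILE` are placeholder environment variables.

```perl
#!/usr/bin/perl
# Added example, not code from the mavis script or from Net::LDAP.
use strict;
use warnings;
use Net::LDAP;

# Placeholders (assumptions): server name and CA bundle come from the environment.
my $host   = $ENV{LDAP_HOST}   or die "set LDAP_HOST\n";
my $cafile = $ENV{LDAP_CAFILE} or die "set LDAP_CAFILE\n";

# IO::Socket::SSL version syntax: generic handshake, minus the versions being retired.
my $sslversion = 'SSLv23:!SSLv3:!TLSv1:!TLSv1_1';

# Versions this client is willing to end up on after negotiation.
my %allowed = map { $_ => 1 } qw(TLSv1_2 TLSv1_3);

my $ldap = Net::LDAP->new($host, port => 389, timeout => 10)
    or die "connect to $host failed: $@\n";

my $mesg = $ldap->start_tls(
    verify     => 'require',    # reject servers whose certificate does not validate
    cafile     => $cafile,
    sslversion => $sslversion,
);
die 'start_tls failed: ' . $mesg->error . "\n" if $mesg->code;

# After start_tls the underlying socket is an IO::Socket::SSL object;
# get_sslversion needs a reasonably recent IO::Socket::SSL.
my $negotiated = $ldap->socket->get_sslversion;
unless ($allowed{$negotiated}) {
    $ldap->disconnect;
    die "refusing $negotiated session with $host\n";
}

printf "%s: %s, cipher %s\n", $host, $negotiated, $ldap->cipher;
$ldap->unbind;
```

Running it against each AD server before the cut-over shows which ones already negotiate TLS 1.2 or 1.3 and which would fail at `start_tls`.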