smeserver-ldap/root/etc/e-smith/templates/etc/openldap/slapd.conf/12tls


TLSCipherSuite         { $ldap{CipherSuite} || $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4' }
TLSProtocolMin         { my $TLSProtocolMin = $ldap{TLSProtocolMin} || 'TLSv1.2';
if ( $TLSProtocolMin eq 'SSLv3' ){
        $OUT = " 3.0";
} elsif ( $TLSProtocolMin eq 'TLSv1.0' || $TLSProtocolMin eq 'TLSv1' ){
        $OUT = " 3.1";
} elsif ( $TLSProtocolMin eq 'TLSv1.1' ){
        $OUT = " 3.2";
} elsif ( $TLSProtocolMin eq 'TLSv1.2' ){
        $OUT = " 3.3";
}
}
TLSCACertificateFile   /etc/openldap/ssl/slapd.pem
TLSCertificateFile     /etc/openldap//ssl/slapd.pem
TLSCertificateKeyFile  /etc/openldap/ssl/slapd.pem
TLSVerifyClient        never
initial commit of file from CVS for e-smith-ldap on Wed 12 Jul 08:58:23 BST 2023 2023-07-12 08:58:23 +01:00
			`TLSCipherSuite { $ldap{CipherSuite} \|\| $modSSL{CipherSuite} \|\| 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4' }`
			`TLSProtocolMin { my $TLSProtocolMin = $ldap{TLSProtocolMin} \|\| 'TLSv1.2';`
			`if ( $TLSProtocolMin eq 'SSLv3' ){`
			`$OUT = " 3.0";`
			`} elsif ( $TLSProtocolMin eq 'TLSv1.0' \|\| $TLSProtocolMin eq 'TLSv1' ){`
			`$OUT = " 3.1";`
			`} elsif ( $TLSProtocolMin eq 'TLSv1.1' ){`
			`$OUT = " 3.2";`
			`} elsif ( $TLSProtocolMin eq 'TLSv1.2' ){`
			`$OUT = " 3.3";`
			`}`
			`}`
			`TLSCACertificateFile /etc/openldap/ssl/slapd.pem`
			`TLSCertificateFile /etc/openldap//ssl/slapd.pem`
			`TLSCertificateKeyFile /etc/openldap/ssl/slapd.pem`
			`TLSVerifyClient never`