Separate names with a comma.
Discussion in 'Mail Gateway: Installation and configuration' started by Eric Barreto, Feb 10, 2019.
For security measure, I need to disable tls 1.0, how can I proceed?
Would be fine to know from proxmox side as I'm not aware, where and how the web and api server are configured.
You need to ask directly @tom, @dietmar, @Stoiko Ivanov or someone else of the Proxmox team
AFAIR this is not 'easily' configurable - please open a feature-request at https://bugzilla.proxmox.com should you need it.
Currently the workaround would involve patching `/usr/share/perl5/PMG/Service/pmgproxy.pm` (search for 'sslv3 => 0,' and add a 'tlsv1 =>0,' below).
Thanks for the help, the outline solution seems to work for me, according to sslscan. I tried to disable tlsv1.1 by typing in this syntax: tlsv11, but it did not work.
A colleague told me that this was problematic - however you can try to just enable TLS 1.2 ciphers (AFAIR the list we have configured for PVE should work - https://pve.proxmox.com/pve-docs/pve-admin-guide.html#_pveproxy_proxmox_ve_api_proxy_daemon)
hope that helps