As TLSv1.2 was introduced with version 4.5.4 I'm interested in how to
enforce TLS versions. The documentation states that support is added,
but there is no comment on how to enforce TLSv1.2.

I'm using the native Remote Loader on Linux and I see the following in
the rdxml trace:


Code:
--------------------

DirXML: [11/28/16 22:31:25.03]: TRACE: Remote Loader: Waiting for DirXML to connect on 'TCP server socket, port 8293, address x.x.x.x, using SSL'...
DirXML: [11/28/16 22:31:25.04]: TRACE: Remote Loader: Connection monitor thread starting.
DirXML: [11/28/16 22:31:25.04]: TRACE: Remote Loader: Opening connection...
DirXML: [11/28/16 22:31:25.04]: TRACE: Remote Loader: Server socket parameters: address = /x.x.x.x port = 8293 keystore = '/opt/novell/dirxml/rdxml.jks' storepass = <suppressed> SSL mode = client
DirXML: [11/28/16 22:31:25.04]: TRACE: Remote Loader: Creating a JSSE SSLServerSocket
DirXML: [11/28/16 22:31:25.67]: TRACE: Remote Loader: Entering listener accept()

--------------------


I know that the Remote Loader on Windows explicitly logs 'using TLS' so
this makes me wonder.....

I've tried using testssl.sh (https://testssl.sh) on the Remote Loader
port, but the script states that the server doesn't seem to be a TLS/SSL
enabled.

Any suggestions?


--
sveldhuisen
------------------------------------------------------------------------
sveldhuisen's Profile: https://forums.netiq.com/member.php?userid=1813
View this thread: https://forums.netiq.com/showthread.php?t=56986