Hello everyone.
I'm new here though I've read a lot over the past months this site.
I have a problem disabling TLSv1.0 and TLSv1.1 in webmin 1.870.
I have installed this version on a HPUX 11.31, but also a lower version was installed earlier this year. On both cases I couldn't disable those protocols.
On other machines with OS RHEL7 there is no problem disabling this feature.
The reason why I am disabling TLS is PCI scans pointed out that this protocol should be disable.
Hope anyone can give me lights to search for the problem and the solution to this issue.
Thanks in advance.
Raul
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello.
I am a user of Webmin on HP UX 11.31 on Itanium machines (HP-UX B.11.31 U ia64)
I can disable TLSv1.0 and 1.1 via Webmin Configuration - SSL Encription - SSL protocol versions to reject... then select TLS versions to disable ...
But I have encountered another issue: on my machines I can't make Webmin use TLS v1.2.
Can you?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello Adrian, can you tell me the settings of your miniserv.conf file?
I have done exactly like you did but with no results.
Since I can't disable TLSv1, webmin uses this protocol to connect not TLSv1.2 as it should.
Also my HPUX is a VPAR does that make any difference?
Raúl
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello Raul,
from miniserv.conf:
ssl=1
no_ssl2=1
no_ssl3=1
no_tls1=
You should have no_tls1=1 also.
When I use no_tls1=1 and no_tls1_1=1 (wich disables TLSv1.1), I can't reach Webmin server anymore (it does not work for me with TLSv1.2 :-( )
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
That's exactly my problem, whenever I disable (no_tls1_1=1) I can't reach webmin, and I have the latest openssl and latest perl installed. I'm checking with 3rd party the settings to see if I can solve it.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Thanks to all for the help, the newer version of perl 5.8.8.O was the solution, now I can disable TLS1 and TLS1.1.
The depot was at HPE Software download page.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello everyone.
I'm new here though I've read a lot over the past months this site.
I have a problem disabling TLSv1.0 and TLSv1.1 in webmin 1.870.
I have installed this version on a HPUX 11.31, but also a lower version was installed earlier this year. On both cases I couldn't disable those protocols.
On other machines with OS RHEL7 there is no problem disabling this feature.
The reason why I am disabling TLS is PCI scans pointed out that this protocol should be disable.
Hope anyone can give me lights to search for the problem and the solution to this issue.
Thanks in advance.
Raul
Hello.
I am a user of Webmin on HP UX 11.31 on Itanium machines (HP-UX B.11.31 U ia64)
I can disable TLSv1.0 and 1.1 via Webmin Configuration - SSL Encription - SSL protocol versions to reject... then select TLS versions to disable ...
But I have encountered another issue: on my machines I can't make Webmin use TLS v1.2.
Can you?
Hello Adrian, can you tell me the settings of your miniserv.conf file?
I have done exactly like you did but with no results.
Since I can't disable TLSv1, webmin uses this protocol to connect not TLSv1.2 as it should.
Also my HPUX is a VPAR does that make any difference?
Raúl
Hello Raul,
from miniserv.conf:
ssl=1
no_ssl2=1
no_ssl3=1
no_tls1=
You should have no_tls1=1 also.
When I use no_tls1=1 and no_tls1_1=1 (wich disables TLSv1.1), I can't reach Webmin server anymore (it does not work for me with TLSv1.2 :-( )
That's exactly my problem, whenever I disable (no_tls1_1=1) I can't reach webmin, and I have the latest openssl and latest perl installed. I'm checking with 3rd party the settings to see if I can solve it.
Hello,
Can you use TLS1_1? I can't... I must be able to use TLS1_2, but even TLS1_1 would be beter than TLS1 ...
Hello,
in my case installing a newer version of Net::SSLeay was the solution.
Webmin uses now TLSv1.2.
yes older versions of ssleay does not support tlsv2 and thus also not disabling old versions
Hello, do you know where can I donwload the latest versión of Net::SSLeay for HPUX 11.31?
Thanks to all for the help, the newer version of perl 5.8.8.O was the solution, now I can disable TLS1 and TLS1.1.
The depot was at HPE Software download page.