This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Disable TLS1.0/1.1 for HTTP?

Trying to remediate vulnerabilities and we're tasked with disabling TLS1.0 and 1.1. I am able to disable it for LDAP, but we're getting dinged on the iMonitor/DHost HTTP services. Is there a way to disable TLS1.0 and 1.1 on the HTTP object? I couldn't find any documentation on it and none of the attributes seemed to indicate that they would manage that like the ldapSSLconfig attribute did on the LDAP side. I suppose the alternative would be to just disable the HTTPS port somehow (maybe by just not defining the http.server.tls-port option, although that may just assign one dynamically).

Tags: