Security

Reply
Highlighted
Occasional Contributor II

CPPM Postgres TLS Settings

Our checkbox enforcers InfoSec folks have determined that we must restrict TLS to v1.2 and I'm unable to find a setting for the postgres listener on 5432/tcp. I've played with the Disable TLS version 1.0/1.1 cluster-wide parameters in my lab (running v6.7.8), but I'm still seeing TLSv1.1 in my scans (sslyze --regular --starttls=postgres <pub>:5432).

 

Is there a way to manage the TLS settings for postgres?

Highlighted
Contributor I

Re: CPPM Postgres TLS Settings

,

 

I'm not aware of such an option be available to the end user.

However, I pretty sure TAC can login to the database with admin acces and set the SSL requirements.

 

Not sure if they will comply to your demand though  

 

Good luck

Sacha
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: