I will let others confirm, but the message "_conf_setallciphers - Failed to
get the default state of cipher" may not be an actual error, but more a
warning that could be ignored, as the the default ciphers are
configured later, per the log entries provided.
Could you add the nss package version, as well as the details from the entry
rpm -q nss nspr
ldapsearch -LLLxD 'cn=directory manager' -W -b cn=encryption,cn=config -s
base sslVersionMin sslVersionMax allowWeakCipher
nsSSL3Ciphers nsSSLSupportedCiphers nsSSLEnabledCiphers
?
Thanks,
M.
On Wed, Jun 24, 2020 at 9:57 AM Ghiurea, Isabella <
Isabella.Ghiurea(a)nrc-cnrc.gc.ca> wrote:
Our new DS env is running:
389-ds-base-libs-1.3.9.1-10.el7.x86_64
389-ds-base-1.3.9.1-10.el7.x86_64
After DS was upgrade to above version seeing this error when restarting
the DS, we have another host with same version and suppose same cfg but
never saw the error, please advise a fix for this issue in this version:
Thank you
ERR - Security Initialization - _conf_setallciphers - Failed to get the
default state of cipher (null)
[24/Jun/2020:09:22:54.686777541 -0700] - ERR - Security Initialization -
_conf_setallciphers - Failed to get the default state of cipher (null)
[24/Jun/2020:09:22:54.687024072 -0700] - ERR - Security Initialization -
_conf_setallciphers - Failed to get the default state of cipher (null)
[
[24/Jun/2020:09:22:54.688953359 -0700] - INFO - Security Initialization -
SSL info: Enabling default cipher set.
[24/Jun/2020:09:22:54.689229153 -0700] - INFO - Security Initialization -
SSL info: Configured NSS Ciphers
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...