Как отключить TLSv1.0, TLSv1.1 Zimbra

zimbra Zimbra

Disable TLSv1 for proxy server/s:

zmprov mcf -zimbraReverseProxySSLProtocols TLSv1.0
zmprov mcf -zimbraReverseProxySSLProtocols TLSv1.1
zmproxyctl restart

Disable TLSv1 in Jetty for HTTPS, IMAPS, POP3S, and STARTTLS (including LMTP)

zmprov ms `zmhostname` -zimbraMailboxdSSLProtocols TLSv1.0
zmprov ms `zmhostname` -zimbraMailboxdSSLProtocols TLSv1.1
zmmailboxdctl restart

Disable TLSv1 for ports 465, 587 and 25:

zmprov mcf zimbraMtaSmtpTlsProtocols '!SSLv2,!SSLv3,!TLSv1.0,!TLSv1.1'
zmprov mcf zimbraMtaSmtpdTlsProtocols '!SSLv2,!SSLv3,!TLSv1.0,!TLSv1.1'

zmprov mcf zimbraMtaSmtpTlsMandatoryProtocols '!SSLv2,!SSLv3,!TLSv1.0,!TLSv1.1'
zmprov mcf zimbraMtaSmtpdTlsMandatoryProtocols '!SSLv2,!SSLv3,!TLSv1.0,!TLSv1.1'
zmmtactl restart

Verified Against: Zimbra Collaboration 8.8.11, 8.8.12

Оцените статью
Добавить комментарий