core icon indicating copy to clipboard operation
core copied to clipboard
verified publisher icon opnsense

[Feature Request] OpenVPN Instances - TLS Version Minimum

Open ky41083 opened this issue 1 year ago • 0 comments

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

  • [X] I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
  • [X] I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Is your feature request related to a problem? Please describe.

Meet compliancy policy requirements & prevent TLS downgrade attacks.

Describe the solution you like

A drop down option w/ 1.2, 1.3, and Highest as options for both servers and clients. This would achieve something similar to the following:

# Use 1.2
tls-version-min 1.2
# Use 1.3
tls-version-min 1.3
# Use Highest Supported
tls-version-min 0.0 or-highest

Describe alternatives you considered

There are no alternatives for this.

ky41083 avatar Oct 01 '24 16:10 ky41083