Open gaju0083 opened 3 years ago
I'm currently trying to figure out how to configure PASSIVE checks to go out over TLS 1.2, and running into a wall.
However, if you're asking about ACTIVE checks, NSClient++ should accept TLS 1.2 by default.
According to the documentation, you can explicitly disable TLS v1.0 by adding the following to your nsclient.ini
file (i.e. under the appropriate heading):
[/settings/NRPE/server]
ssl options = no-sslv2,no-sslv3,no-tlsv1
Any updates on this? Is there any way to use NSClient++ with TLS 1.2 for passive checks? Without this update this tool is dead for us as we are required to use TLS 1.2 now. @mickem
Issue and Steps to Reproduce
We are getting security alert from our security team mentioning to disable SSL2.0 and 3.0 and start using TLS1.2 for NSClient. What is the process to do the same?
Expected Behavior
Tell us what you think should happen.
Actual Behavior
Tell us what happens instead.
Details
Additional Details
NSClient++ log: