Hi,
Noticed tlsmon picking up that services deployed using the SMTP relay charm have TLS1.0 and TLS1.1 still enabled. We should disable this by default and perhaps a charm option with a big fat warning to override it.
From:
| smtpd_tls_protocols = !SSLv2 !SSLv3
To:
| smtpd_tls_protocols = >=TLSv1.2
Hi,
Noticed tlsmon picking up that services deployed using the SMTP relay charm have TLS1.0 and TLS1.1 still enabled. We should disable this by default and perhaps a charm option with a big fat warning to override it.
From:
| smtpd_tls_protocols = !SSLv2 !SSLv3
To:
| smtpd_tls_protocols = >=TLSv1.2