We have a customer, where they are on Zimbra 7 , and are using TLS 1.0 connection. We want to upgrade the TLS version to at least 1.2. Please let me know, if we can do that, and what steps I need to perform for the same.
Thanks
Zimbra 7 TLS 1.2 Support
- L. Mark Stone
- Ambassador
- Posts: 2802
- Joined: Wed Oct 09, 2013 11:35 am
- Location: Portland, Maine, US
- ZCS/ZD Version: 10.0.7 Network Edition
- Contact:
Re: Zimbra 7 TLS 1.2 Support
Zimbra 7 is so far past end of life it is not even listed in Zimbra's current life cycle policy: https://www.zimbra.com/support/support- ... lifecycle/Charan wrote:We have a customer, where they are on Zimbra 7 , and are using TLS 1.0 connection. We want to upgrade the TLS version to at least 1.2. Please let me know, if we can do that, and what steps I need to perform for the same.
Thanks
Suggest your customer do a side-by-side migration a currently supported version of Zimbra.
FWIW, I can confirm that Zimbra 8.8.10 works well with the proxy component limited to TLS 1.2 only. You can read my blog post about this here: http://www.missioncriticalemail.com/201 ... nly-tls12/
Hope that helps,
Mark
___________________________________
L. Mark Stone
Mission Critical Email - Zimbra VAR/BSP/Training Partner https://www.missioncriticalemail.com/
AWS Certified Solutions Architect-Associate
L. Mark Stone
Mission Critical Email - Zimbra VAR/BSP/Training Partner https://www.missioncriticalemail.com/
AWS Certified Solutions Architect-Associate
Re: Zimbra 7 TLS 1.2 Support
I personally much prefer Zimbra 7 to Zimbra 8.x - there's virtually nothing new in Zimbra 8.x; even the interface and user experience seems to be a step backward.
So we are currently looking at ways to get TLS1.2 to work on Zimbra 7.
It looks like this directory might be relevant:-
/opt/zimbra/java/jre/lib/security/
and then we have to update the ciphers....
Will keep you posted on how we get on.
So we are currently looking at ways to get TLS1.2 to work on Zimbra 7.
It looks like this directory might be relevant:-
/opt/zimbra/java/jre/lib/security/
and then we have to update the ciphers....
Will keep you posted on how we get on.
Re: Zimbra 7 TLS 1.2 Support
You're wrong and foolhardy to think that, there are many security fixes in the recent versions of ZCS - if you value the security of your users and ZCS server then you'd be advised to upgrade at the earliest opportunity.mutface wrote:I personally much prefer Zimbra 7 to Zimbra 8.x -
Re: Zimbra 7 TLS 1.2 Support
Name 3 security fixes that are critical.
The user interface for Zimbra 8 is not as good as Zimbra 7; that's my personal preference.
The user interface for Zimbra 8 is not as good as Zimbra 7; that's my personal preference.
Re: Zimbra 7 TLS 1.2 Support
You must be joking! The security of your server is your responsibility, if you can't be bothered to check for yourself I'm certainly not going to do it and I think your attitude to the security of your server and the security of your users totally irresponsible.mutface wrote:Name 3 security fixes that are critical.
Re: Zimbra 7 TLS 1.2 Support
Heartbleed for one.mutface wrote:Name 3 security fixes that are critical.
The user interface for Zimbra 8 is not as good as Zimbra 7; that's my personal preference.
If you're dependent on Zimbra's user interface you're doing it wrong. Just use another mail client like Outlook to get stuff off/on your mail server.
Running outdated server is very irresponsible and you may be liable if your client get hacked because you discouraged them from upgrading.