Highest Voted 'cipher' Questions

5

votes

1 answer

How can I disable TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 cipher in Apache2?

In SSL labs, I got that I'm using this "weak cipher": TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Now in Apache, this is the set of suites I have enabled: SSLCipherSuite…

asked Nov 18 '19 at 17:47

The Quantum Physicist

718

5

votes

1 answer

How to disable AES128 in Apache?

I am using the following cipher, which I keep updating today, don't worry if there is any incompletion in it. Just help me disable AES128. SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:!AES128 It is still using this: TLS_AES_128_GCM_SHA256 (0x1301) …

ssl apache-2.4 cipher

asked Dec 26 '20 at 16:00

user549144

4

votes

0 answers

Scan Ciphers on FTPS port

I'm trying to remove RC4 ciphers per BEAST, but I'm having trouble verifying that there are ciphers available on my FTPS ports. NMAP returns the cert on the port, but doesn't say anything about the ciphers being used (nmap -p 9995 -T4 -A -v server)…

ssl ftps cipher

asked Apr 25 '16 at 15:25

Buzkie

215

3

votes

1 answer

Postfix 2.6.6 with TLS - unable to receive emails from GMail (and a couple of other MTAs) but others are OK, why?

I've just had to look at a CentOS 6 server running Postfix 2.6.6 which was able to send emails to everyone, but could not receive them from GMail (and a few other MTAs) due to incoming TLS negotiation problems. A connection from a .google.com SMTP…

email ssl postfix smtp cipher

asked Aug 24 '18 at 16:27

Chris Woods

398

3

votes

3 answers

Disabling weak protocols and ciphers in Centos with Apache

Can anyone help me determine hat could be the reason I am still getting VA gaps from scanner for the following? My server hosts multiple web app, but I am using the same settings for all virtual hosts. 20007 - SSL Version 2 and 3 Protocol…

ssl apache-2.4 openssl vulnerability cipher

asked Jun 26 '18 at 17:54

Chyornaya Vdova

94

3

votes

0 answers

Apache TrafficServer as reverse proxy gives empty cipher list

I am trying to setup Apache Trafficserver as a reverse proxy. (Debian Stretch, ATS 7.0.0 (also tried 7.1.2 from backports), openssl 1.1.0f) Everything went fine so far, until I came accross configuring TLS. I added port 443 for SSL in…

ssl cipher apache-traffic-server

asked Apr 12 '18 at 06:01

chrikru

31

3

votes

1 answer

What dictates the available Cipher Suites in GlassFish and Payara?

I have the same version of Payara Server (4.1.1.154) running on two different machines. I do not have the same list of available cipher suites between the two. What determines the available cipher suites in Payara and GlassFish?

glassfish cipher

asked Mar 23 '17 at 01:53

Blegger

272

2

votes

2 answers

Disable weak Cipher ubuntu 16

I have started security scanning my network and have issues with Ubuntu 16 and weak cipher suites. I think I found the sshd config. but everything I read on the TLS for apache tells me to go to /etc/httpd which I do not have the directory. I see…

ssl ubuntu-16.04 cipher

asked Jan 31 '19 at 20:37

Brill

45

2

votes

3 answers

Postfix not using TLS ciphers it is supposed to use

I can't receive emails from certain hosts because of a no shared cipher error: postfix/smtpd[15934]: warning: TLS library problem: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1440: I am using this postfix settings…

ssl postfix cipher

asked Mar 28 '18 at 13:10

Finn

229
1
2
15

2

votes

1 answer

How to disable TLS v1.1 in Nginx

It seems to be a straightforward configuration setting, but I cannot disable TLSv1.1. nginx.conf in /etc/nginx: ssl_protocols TLSv1.2; Domain configuration last_nginx.conf (changed via Plesk templates in nginxDomainVirtualHost.php): ssl_protocols …

nginx ssl cipher

asked Mar 08 '18 at 06:19

user2723490

267

2

votes

1 answer

How can I see which ciphers a client tried to connect to my postfix server?

Now or then I see postfix logs like this: Mar 18 13:19:19 ... smtpd[1217240]: SSL_accept error from mx0b-002b8002.pphosted.com[148.163.140.242]: -1 Mar 18 13:19:19 ... smtpd[1217240]: warning: TLS library problem: error:0A0000C1:SSL routines::no…

postfix cipher

asked Mar 19 '25 at 09:47

Markus Grunwald

135

2

votes

1 answer

DTLS Cipher Suites in Windows

We recently disabled specific cipher suites for TLS and only allow the most secure ones, this is our…

windows ssl cipher

asked Jun 08 '23 at 15:17

MasteOfDisaste

43

2

votes

1 answer

How To Disable Weak Cipher Suites Only For TLS 1.0 and 1.1 In Windows?

I want to disable some weak cipher suites in Windows but TLS 1.2 is not so vulnerable and I don't want to cause any other problem in the server, so I just want to disable them for TLS 1.0 and 1.1. Disable-TlsCipherSuite command works but disables a…

windows ssl windows-server-2012 https cipher

asked May 25 '22 at 07:18

Sahin

119

2

votes

1 answer

How to disable TLS_AES_128_GCM_SHA256 (or, how to set TLSv1.3 ciphers) in postfix

I have the following in my TLS configuration, but the only problem I have is that TLS_AES_128_GCM_SHA256 is a 128 bit cipher, and I would like to remove it: smtpd_tls_eecdh_grade = ultra smtp_tls_eecdh_grade =…

ssl postfix cipher

asked Jan 09 '21 at 07:16

user549144

2

votes

1 answer

Windows Server 2012 R2 - Adding Cipher

this might be a complete newbee question. I have an 2012 R2 Server on which an application should call a partner who only offers the following ciphers: (0xc02f) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 (eq. 3072 bits RSA) FS 128 (0xc030)…

ssl cipher schannel

asked Sep 17 '20 at 05:57

Moritz

53

Questions tagged [cipher]