On 20/10/2018 15:59, Kaushal Shriyan wrote:
On Wed, Oct 17, 2018 at 7:00 PM murugesh pitchaiah
mailto:murugesh.pitcha...@gmail.com>>
wrote:
Hi,
You may list down what ciphers configured : "openssl ciphers"
Choose CBC ciphers and add them to the list of 'ssl_ciphers' with "!"
On Wed, Oct 17, 2018 at 7:00 PM murugesh pitchaiah <
murugesh.pitcha...@gmail.com> wrote:
> Hi,
>
> You may list down what ciphers configured : "openssl ciphers"
> Choose CBC ciphers and add them to the list of 'ssl_ciphers' with "!"
> prefix appended to current ssl_ciphers.
>
> > ssl_ciphers HIGH
Hi,
You may list down what ciphers configured : "openssl ciphers"
Choose CBC ciphers and add them to the list of 'ssl_ciphers' with "!"
prefix appended to current ssl_ciphers.
> ssl_ciphers HIGH:!aNULL:!MD5:!DH+3DES:!kEDH:!AAA_CBC_BBB:
Ref:
https://serverfault.com/questions/692119/meaning-of-ss
Hi,
I have the below ssl settings in nginx.conf file and VAPT test has reported
us to disable CBC ciphers
ssl_ciphers HIGH:!aNULL:!MD5:!DH+3DES:!kEDH;
> ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
openssl version on the box is OpenSSL 1.0.2k-fips 26 Jan 2017 on CentOS
Linux release 7.3.1611 (Core)
I
