Questions tagged [cipher]

65 questions
3 votes, 1 answer

How can I disable TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 cipher in Apache2?

In SSL labs, I got that I'm using this "weak cipher": TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384. Now in Apache, this is the set of suites I have enabled: SSLCipherSuite…
The Quantum Physicist
3 votes, 1 answer

Postfix 2.6.6 with TLS - unable to receive emails from GMail (and a couple of other MTAs) but others are OK, why?

I've just had to look at a CentOS 6 server running Postfix 2.6.6 which was able to send emails to everyone, but could not receive them from GMail (and a few other MTAs) due to incoming TLS negotiation problems. A connection from a .google.com SMTP…
Chris Woods
3 votes, 2 answers

Disabling weak protocols and ciphers in Centos with Apache

Can anyone help me determine what could be the reason I am still getting VA gaps from scanner for the following? My server hosts multiple web apps, but I am using the same settings for all virtual hosts. 20007 - SSL Version 2 and 3 Protocol…
Chyornaya Vdova
3 votes, 0 answers

Apache TrafficServer as reverse proxy gives empty cipher list

I am trying to set up Apache Trafficserver as a reverse proxy. (Debian Stretch, ATS 7.0.0 (also tried 7.1.2 from backports), openssl 1.1.0f) Everything went fine so far, until I came across configuring TLS. I added port 443 for SSL in…
chrikru
3 votes, 1 answer

What dictates the available Cipher Suites in GlassFish and Payara?

I have the same version of Payara Server (4.1.1.154) running on two different machines. I do not have the same list of available cipher suites between the two. What determines the available cipher suites in Payara and GlassFish?
Blegger
3 votes, 1 answer

How to disable AES128 in Apache?

I am using the following cipher, which I keep updating today, don't worry if there is any incompletion in it. Just help me disable AES128. SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:!AES128 It is still using this: TLS_AES_128_GCM_SHA256 (0x1301) …
user549144
2 votes, 2 answers

Disable weak Cipher ubuntu 16

I have started security scanning my network and have issues with Ubuntu 16 and weak cipher suites. I think I found the sshd config, but everything I read on the TLS for apache tells me to go to /etc/httpd which I do not have the directory. I see…
Brill
2 votes, 1 answer

How to disable TLS v1.1 in Nginx

It seems to be a straightforward configuration setting, but I cannot disable TLSv1.1. nginx.conf in /etc/nginx: ssl_protocols TLSv1.2; Domain configuration last_nginx.conf (changed via Plesk templates in nginxDomainVirtualHost.php): ssl_protocols …
user2723490
2 votes, 1 answer

How to disable TLS_AES_128_GCM_SHA256 (or, how to set TLSv1.3 ciphers) in postfix

I have the following in my TLS configuration, but the only problem I have is that TLS_AES_128_GCM_SHA256 is a 128 bit cipher, and I would like to remove it: smtpd_tls_eecdh_grade = ultra smtp_tls_eecdh_grade =…
user549144
1 vote, 1 answer

Missing openssl cipher-algorithms on specific VMs/Hoster

I'm trying to use AES-128-CBC-HMAC-SHA256 but this cipher-algorithm isn't available on a VM on a specific hosting provider. The OS, installed packages, Kernel, openssl version, and the like are the same on both VMs (different provider). Does this…
Erik
1 vote, 1 answer

SSLCipherSuite - more precise definition, need only strong ciphers

The Apache documentation of SSLCipherSuite seems a little vague and the examples I found on the web make it much worse. I see a lot of references to "all", long lists of specific ciphers and lots of "!" references. For a simple…
1 vote, 1 answer

Websphere MQ 7.0.1-14 - able to add missing ssl cipher suites?

I have to connect to a MQ 9 QMGR, which does not allow the available Cipher Suites I can choose from in MQ Explorer that is part of my 7.0.1-14 installation (Linux x86_64). Can I add the needed Cipher Suites without upgrading to a newer MQ…
sebkoe
1 vote, 0 answers

Troubleshooting Cipher handshake issue

All right, so I have worked with our networking engineers and it just appears that nobody is able to figure this issue out and so I'm all out of options as I have attempted to Google research this issue to death to no avail. So with that being said,…
1 vote, 3 answers

Postfix not using TLS ciphers it is supposed to use

I can't receive emails from certain hosts because of a no shared cipher error: postfix/smtpd[15934]: warning: TLS library problem: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1440: I am using these postfix settings…
Finn
1 vote, 1 answer

RHEL ports not using same cipher

[UPDATE] I ran the openssl command from a couple servers and my local machine. It seems like port 9443 is not remaining consistent. The cipher on server1:9443 remained the same from the first server (RHEL5) I queried from. However, querying from my…
Ian