How to support more HTTPS Ciphers?

Question

I am debugging an IoT device that I am making. I am having it try and connect to my website (EC2 hosted) over HTTPS. The device is running into an issue negotiating the TLS handshake, and it is throwing a Handshake Failure (40). The IoT device supports the following Cipher Suites.

TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5

How can I make my server support one of these Cipher Suites? Do I need a different SSL cert? My current one is from https://www.sslforfree.com/

My website is https://sniffergps.com/ and https://app.sniffergps.com/ (Amazon API Gateway)

Termination details: For app.sniffergps.com, I am using AWS API Gateway, custom domain. I just input my certificate details.

For sniffergps.com, its Elastic beanstalk, so the certificate is on the load balancer.

score 0 · Answer 1 · answered Feb 25 '17 at 23:15

0

SSLLabs says TLS_RSA_WITH_AES_128_CBC_SHA is supported. Otherwise you can go into the ELB ad update the cipher settings to support more options.

answered Feb 25 '17 at 23:15

Jason Martin

5,023
17
24

How to support more HTTPS Ciphers?

1 Answers1