Highest Voted 'cipher' Questions - Server Fault Stack Exchange

4

votes

1 answer

How to disable AES128 in Apache?

I am using the following cipher, which I keep updating today, don't worry if there is any incompletion in it. Just help me disable AES128. SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:!AES128 It is still using this: TLS_AES_128_GCM_SHA256 (0x1301) …

ssl apache-2.4 cipher

asked Dec 26 '20 at 16:00

user549144

3

votes

1 answer

How can I disable TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 cipher in Apache2?

In SSL labs, I got that I'm using this "weak cipher": TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Now in Apache, this is the set of suites I have enabled: SSLCipherSuite…

ssl apache-2.4 apache2 encryption cipher

asked Nov 18 '19 at 17:47

The Quantum Physicist

658
2
11
26

3

votes

1 answer

Postfix 2.6.6 with TLS - unable to receive emails from GMail (and a couple of other MTAs) but others are OK, why?

I've just had to look at a CentOS 6 server running Postfix 2.6.6 which was able to send emails to everyone, but could not receive them from GMail (and a few other MTAs) due to incoming TLS negotiation problems. A connection from a .google.com SMTP…

email ssl postfix smtp cipher

asked Aug 24 '18 at 16:27

Chris Woods

398
3
22

3

votes

3 answers

Disabling weak protocols and ciphers in Centos with Apache

Can anyone help me determine hat could be the reason I am still getting VA gaps from scanner for the following? My server hosts multiple web app, but I am using the same settings for all virtual hosts. 20007 - SSL Version 2 and 3 Protocol…

ssl apache-2.4 openssl vulnerability cipher

asked Jun 26 '18 at 17:54

Chyornaya Vdova

94
2
2
7

3

votes

0 answers

Apache TrafficServer as reverse proxy gives empty cipher list

I am trying to setup Apache Trafficserver as a reverse proxy. (Debian Stretch, ATS 7.0.0 (also tried 7.1.2 from backports), openssl 1.1.0f) Everything went fine so far, until I came accross configuring TLS. I added port 443 for SSL in…

ssl cipher apache-traffic-server

asked Apr 12 '18 at 06:01

chrikru

31
2

3

votes

1 answer

What dictates the available Cipher Suites in GlassFish and Payara?

I have the same version of Payara Server (4.1.1.154) running on two different machines. I do not have the same list of available cipher suites between the two. What determines the available cipher suites in Payara and GlassFish?

glassfish cipher

asked Mar 23 '17 at 01:53

Blegger

272
1
5
14

2

votes

2 answers

Disable weak Cipher ubuntu 16

I have started security scanning my network and have issues with Ubuntu 16 and weak cipher suites. I think I found the sshd config. but everything I read on the TLS for apache tells me to go to /etc/httpd which I do not have the directory. I see…

ssl ubuntu-16.04 cipher

asked Jan 31 '19 at 20:37

Brill

45
1
4

2

votes

1 answer

How to disable TLS v1.1 in Nginx

It seems to be a straightforward configuration setting, but I cannot disable TLSv1.1. nginx.conf in /etc/nginx: ssl_protocols TLSv1.2; Domain configuration last_nginx.conf (changed via Plesk templates in nginxDomainVirtualHost.php): ssl_protocols …

nginx ssl cipher

asked Mar 08 '18 at 06:19

user2723490

267
1
3
9

2

votes

0 answers

Scan Ciphers on FTPS port

I'm trying to remove RC4 ciphers per BEAST, but I'm having trouble verifying that there are ciphers available on my FTPS ports. NMAP returns the cert on the port, but doesn't say anything about the ciphers being used (nmap -p 9995 -T4 -A -v server)…

ssl ftps cipher

asked Apr 25 '16 at 15:25

Buzkie

195
4
11

2

votes

0 answers

DTLS Cipher Suites in Windows

I have a very specific question about DTLS and Windows that I can't seem to find on Google. At our company we recently decided to disable specific cipher suites for TLS and only allow the most secure ones, this is our…

windows ssl cipher

asked Jun 08 '23 at 15:17

MasteOfDisaste

43
6

2

votes

1 answer

How To Disable Weak Cipher Suites Only For TLS 1.0 and 1.1 In Windows?

I want to disable some weak cipher suites in Windows but TLS 1.2 is not so vulnerable and I don't want to cause any other problem in the server, so I just want to disable them for TLS 1.0 and 1.1. Disable-TlsCipherSuite command works but disables a…

windows ssl windows-server-2012 https cipher

asked May 25 '22 at 07:18

Sahin

119
1
5

2

votes

1 answer

How to disable TLS_AES_128_GCM_SHA256 (or, how to set TLSv1.3 ciphers) in postfix

I have the following in my TLS configuration, but the only problem I have is that TLS_AES_128_GCM_SHA256 is a 128 bit cipher, and I would like to remove it: smtpd_tls_eecdh_grade = ultra smtp_tls_eecdh_grade =…

ssl postfix cipher

asked Jan 09 '21 at 07:16

user549144

2

votes

2 answers

How do I disable just one cipher out of OpenSSL TLSv1.3 list?

I use Nginx + Let's Encrypt with OpenSSL on my server. I wanted to use TLSv1.2 and TLSv1.3. But I wanted to use very specific SSL ciphers. Specifically: TLS_AES_256_GCM_SHA384 (TLSv1.3), TLS_CHACHA20_POLY1305_SHA256…

nginx openssl ubuntu-18.04 lets-encrypt cipher

asked Sep 11 '20 at 03:32

Hadi

21
1
4

1

vote

1 answer

Missing openssl cipher-algorithms on specific VMs/Hoster

I'm trying to use AES-128-CBC-HMAC-SHA256 but this cipher-algorithm isn't available on a VM on a specific hosting provider. The OS, installed packages, Kernel, openssl version, and the like are the same on both VMs (different provider). Does this…

hardware openssl cipher

asked Jul 11 '19 at 16:17

Erik

13
2

1

vote

1 answer

SSLCipherSuite - more precise definition, need only strong ciphers

The Apache documentation of SSLCipherSuite seems a little vague and the examples I found on the web make it much worse. I see a lot of references to "all", long lists of specific ciphers and lots of "!" references. For a simple…

apache-2.4 configuration cipher

asked Jun 04 '19 at 15:56

Senior Geek

55
9

Questions tagged [cipher]