Questions tagged [cipher]

68 questions
1 vote, 1 answer

Windows Server 2012 R2 - Adding Cipher

This might be a complete newbie question. I have a 2012 R2 Server on which an application should call a partner who only offers the following ciphers: (0xc02f) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 (eq. 3072 bits RSA) FS 128 (0xc030)…
Moritz
1 vote, 3 answers

Missing cipher suites on Windows Server 2019

I am using a MEMCM Task Sequence to build servers running Windows Server 2019. So far, I have built 22 servers with this OS. At the end of OSD, on 20 of them I have only 10 cipher suites available for…
Tuttu
1 vote, 1 answer

How to avoid use of medium strength ciphers in WAS liberty server with openJDK 1.8

Good day, I have an IBM WAS Liberty server, which is placed under Red Hat Linux OS, with OpenJDK version 1.8.0_242. I received a pentest report that complains that this server is using medium strength ciphers. And the pentest report also recommends me to…
0 votes, 1 answer

ADFS stop working

So I tried to secure our domain controllers with a narrowed list of Ciphers and now the Office 365 ADFS is broken for Chrome and Firefox. I need some help trying to figure out how to put it back. I used a GPO to narrow the list and I have unlinked…
Brill
0 votes, 1 answer

Disabling the AES cipher suites without ECDHE key exchange algorithm

Currently, we have the below cipher suites in use on our platform. AES128-GCM-SHA256 AES128-SHA256 AES128-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA Post security scan, team has asked us to block the below…
chandu
0 votes, 1 answer

connecting to a FTP by TLS fails from one client, but succeeds from the other

Trying to connect from client2 using the following string works: client2@client2 curl -v --ssl -u 'user:password' ftp://www.example.com:21 * Rebuilt URL to: ftp://www.example.com:21/ * Trying 192.168.177.186... * Connected to www.example.com…
catalin
0 votes, 0 answers

Log Client Ciphersuite in HAProxy

We know of log configurations that can log negotiated cipher-suite info in successful connections. But what we need to do is to log the client cipher-suite info that HAProxy gets hold of during TLS Handshake, whether or not the connection…
Ace
0 votes, 2 answers

Apache web server redirect unsupported ciphers to http?

We will be turning off support for browsers that only support TLS1.0. When we turn off support for TLS 1.0 on our web server can we redirect browsers that don't support TLS 1.1 or higher to an http page explaining why they don't have access and what…
0 votes, 2 answers

How to handle cipher suite mismatch between two servers

I have an IIS website running on two servers. One server is Windows Server 2016, the other Windows Server 2012. Under certain circumstances these two servers need to talk to each other. The cipher used on Windows Server 2012…
Vincent
0 votes, 1 answer

Forward secrecy support?

Is it possible to amend the SSL ciphers to support forward secrecy on my CentOS server running Apache 2.4? I currently have the following cipher…
Liam McArthur
0 votes, 1 answer

Disable SHA1 now Firefox won't work

I've been tasked to get our site into PCI compliance by disabling SHA1 on the server. I am accomplishing this by using IIS Crypto 2.0. We decided to also go with just TLS 1.2. The specific problem I am having is when I disable SHA1, all versions of…
scripter78
0 votes, 1 answer

JBoss SSLHonorCipherOrder Unexpected Attribute

We have recently moved to HTTPS and we are using Jboss 7.1.0 AS. We have the following standalone.xml configuration at our end.
0 votes, 2 answers

Windows, IIS, Remote Desktop: after disabling insecure ciphers for ssl, I cannot login with remote desktop

In the process of setting up an HTTPS website and in the best practices of it, firstly I disabled ssl v3 (no problem with that) and then I disabled older insecure ciphers and only enabled:…
MirrorMirror
0 votes, 1 answer

Server has "weak cipher setting" according to security audit, replaced offending cipher TLS_RSA_WITH_3DES_EDE_CBC_SHA, but still failing retest audit?

We received an audit from our local cyber security team in which one of our servers displays "Insufficient Transport Layer Protection". According to their description: "DESCRIPTION: The server supports the following weak ciphers:…
0 votes, 1 answer

Ciphersuite Priority And Handshake

I ran a program called cipherscan, against 2 servers that communicate with each other via TLS. Cipherscan prints details about each server's TLS capabilities. Given the data, I'm wondering how to determine which suite is agreed upon by these 2…