Forum Discussion
wlopez
Feb 25, 2019Cirrocumulus
You can test your cipher string using the following commands from bash:
tmm --clientciphers 'YOUR CLIENT SSL CIPHER STRING'
tmm --serverciphers 'YOUR SERVER SSL CIPHER STRING'
Exammple:
This will give you the default client ssl ciphers for the version your running:
tmm --clientciphers 'DEFAULT'
With it you can see what's active by default on your version, and start working from there.
To view your current setup:
tmm --clientciphers 'DEFAULT:@STRENGTH:!3DES:!EXPORT:!EXP:!MD5:!RC4'
My recommendation based on your version, to comply with just about every regulation out there would be:
tmm --clientciphers 'ECDHE:DEFAULT:!DHE:!3DES:!TLSv1:@STRENGTH'