Forum Discussion
Ashwin_Venkat
Dec 14, 2017Employee
Simply appending :!ADH (as mentioned above) should allow for disabling Anonymous DH cipher suites. Moreover, I'd also recommend disabling some of the other known weaker ones that are enabled for your cipher string like RC4, DES, 3DES (Sweet32). Therefore, a cipher string like 'TLSv1_2:!ADH:!DES:!3DES:!RC4' (without the quotes) is a great start.