S_Meulmeester
Sep 11, 2019Cirrus
Vulnerability SSL Medium Strength Cipher Suites Supported
From the PCI audit I get the following: Vulnerability SSL Medium Strength Cipher Suites Supported
Currently the following is configured:
list sys httpd
sys httpd {
auth-pam-idle-timeout 2400
ssl-ciphersuite HIGH:!ADH
ssl-protocol TLSv1.2
Would it be correct to change this to
modify /sys httpd ssl-ciphersuite 'ALL:!ADH:!EXPORT:!eNULL:!MD5:!DES:!SSLv2:-TLSv1:-SSLv3:RC4-SHA'
or do I need other settings ?