During our recent pen test, it was discovered that the GSS appears to be running what could be considered a "weak" cipher:
"SSL Weak Cipher Suite Supported - The web servers tested supports the use of weak SSL ciphers."
I've logon to the GSS but was not able to find the directory where the apache confs were stored
(/cisco/merlot/apache)
My question is, can the cert and private key on the GSS be replaced by a new cert and key with stronger encryption?
Thank you