Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1076
Views
0
Helpful
0
Replies

CWMS 2.8 TLS Ciphers

Erick Bergquist
Level 6
Level 6

‎09-21-2018 03:13 PM - edited ‎03-17-2019 07:43 PM

Is there a way to disable  certain TLS Ciphers in CWMS 2.8? 

 

I see CWMS 2.8 and 3.0 support the same ciphers from cisco documentation. 

 

Trying to find solution for a security scan where support of Static Key Ciphers (ssl-static-key-ciphers) was found and need to see what can be done to disable these.

 

Is enabling FIPS in CWMS the solution?   CWMS 2.6 documentation mentions next generation encryption and when that is enabled the weaker ciphers aren't used. 2.8 and 3.0 docs don't cover that and only FIPS. 

 

The ones below are ones mentioned in scan as needing to disable,


Negotiated with the following insecure cipher suites:

 

TLS 1.1 ciphers:

 

TLS_RSA_WITH_AES_128_CBC_SHA

 

TLS 1.2 ciphers:


TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384 

 

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents