cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

394
Views
0
Helpful
0
Replies
Highlighted
Frequent Contributor

CWMS 2.8 TLS Ciphers

Is there a way to disable  certain TLS Ciphers in CWMS 2.8? 

 

I see CWMS 2.8 and 3.0 support the same ciphers from cisco documentation. 

 

Trying to find solution for a security scan where support of Static Key Ciphers (ssl-static-key-ciphers) was found and need to see what can be done to disable these.

 

Is enabling FIPS in CWMS the solution?   CWMS 2.6 documentation mentions next generation encryption and when that is enabled the weaker ciphers aren't used. 2.8 and 3.0 docs don't cover that and only FIPS. 

 

The ones below are ones mentioned in scan as needing to disable,


Negotiated with the following insecure cipher suites:

 

TLS 1.1 ciphers:

 

TLS_RSA_WITH_AES_128_CBC_SHA

 

TLS 1.2 ciphers:


TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384 

 

Everyone's tags (3)
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here