cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
808
Views
0
Helpful
2
Replies
mel-ghazali
Beginner

Cisco Prime Infrastructure 3.1 "enable TLSv1.2 only"

Dears,

have any one tried to disable SSLv2, SSLv3 , TLSv1.0 and TLS1.1 and keep only TLS1.2

2 REPLIES 2
marce1000
VIP Advisor

 - Presumably, apache being used, you may change, httpd.conf,or ssl.conf,or httpd-ssl.conf (find the relevant file,containing ssl-directives) and use something as :

SSLProtocol all -SSLv2 -SSLv3 -Anyother-cipher-you-don't-want

Restart httpd afterwards, HOWEVER, prime may have the settings hard-coded in the daemon so I am not sure this will work.

Verify before and after with :

% nmap --script ssl-enum-ciphers -p 443 <host>
marce1000
VIP Advisor

- Sorry my first reply may got garbled, so I try again :

 - Presumably, apache being used, you may change, httpd.conf,or ssl.conf,or httpd-ssl.conf (find the relevant file,containing ssl-directives) and use something as :

SSLProtocol All -SSLv2 --Anyother-ciphers-you-don't-want

Restart apache, prime ,however may have the settings hard-coded in the daemon, so I am not sure this will work;verify with :

% nmap --script ssl-enum-ciphers -p 443 <host>

M.

Content for Community-Ad