Is there a way to disable certain TLS Ciphers in CWMS 2.8?
I see CWMS 2.8 and 3.0 support the same ciphers from cisco documentation.
Trying to find solution for a security scan where support of Static Key Ciphers (ssl-static-key-ciphers) was found and need to see what can be done to disable these.
Is enabling FIPS in CWMS the solution? CWMS 2.6 documentation mentions next generation encryption and when that is enabled the weaker ciphers aren't used. 2.8 and 3.0 docs don't cover that and only FIPS.
The ones below are ones mentioned in scan as needing to disable,
Negotiated with the following insecure cipher suites:
TLS 1.1 ciphers:
TLS_RSA_WITH_AES_128_CBC_SHA
TLS 1.2 ciphers:
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
