In API Gateway 9.3 by default, less strong key exchange on ports 2124/TCP, 8443/TCP, 9443/TCP is used, such as following:
the key size (DH parameter) in the Diffie-Hellman key exchange method is set to 1024 bits or less.
As for PCIDSS requirement, it is recommended to set 2048 bits or more for the DH parameter.
How do you change the key size?
Here is an example command to see the key size of DH parameter.
$ openssl s_client -connect APIGW_Server_IPaddr:2124 -tls1
Server Temp Key: DH, 1024 bits