What TLS ciphers does the WSS Agent use connecting to WSS?
What encryption type does the WSS Agent use connecting to WSS?
What are the WSS agent security settings when connecting to WSS?
Windows or MacOS host
With default Windows environments, we typically select the strongest cipher suite advertised by the agent host and typically see
This corresponds to the TLS_DHE_RSA_WITH_AES_256_CBC_SHA Cipher Suite. If the client advertises less secure cipher sets, the server may respond with a different setting but still using the most secure of the advertised ciphers.
A PCAP can be obtained from the agent host, where the UDP 443 protocol must be decoded as OpenVPN. Once done, the messages will be decoded as OpenVPN and the TLS handshake visible.