How to Disable Insecure Ciphers - Port 10443 ?
search cancel

How to Disable Insecure Ciphers - Port 10443 ?

book

Article ID: 275171

calendar_today

Updated On:

Products

CA Identity Suite

Issue/Introduction

 

I have a VAAP with the insecure ciphers below:

10443 TLS/SSL Server Supports The Use of Static Key Ciphers *
      Negotiated with the following insecure cipher suites:
    * TLS 1.2 ciphers:
       * TLS_RSA_WITH_AES_128_CBC_SHA

       * TLS_RSA_WITH_AES_128_CBC_SHA256

       * TLS_RSA_WITH_AES_128_CCM

       * TLS_RSA_WITH_AES_128_CCM_8

       * TLS_RSA_WITH_AES_128_GCM_SHA256

       * TLS_RSA_WITH_AES_256_CBC_SHA

       * TLS_RSA_WITH_AES_256_CBC_SHA256

       * TLS_RSA_WITH_AES_256_CCM

       * TLS_RSA_WITH_AES_256_CCM_8

       * TLS_RSA_WITH_AES_256_GCM_SHA384
10443 TLS/SSL Weak Message Authentication Code Cipher Suites *

      Negotiated with the following insecure cipher suites:

    * TLS 1.2 ciphers:

       * TLS_DHE_RSA_WITH_AES_128_CBC_SHA



       * TLS_DHE_RSA_WITH_AES_256_CBC_SHA



       * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA



       * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA



       * TLS_RSA_WITH_AES_128_CBC_SHA



       * TLS_RSA_WITH_AES_256_CBC_SHA

I have applied the techdocs below:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-suite/14-4/virtual-appliance/configuring-virtual-appliance.html
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-manager/14-4/reference/advanced-configuration-options/domain-configuration/tls-configuration.html

Please, can you help me to disable this ciphers?

Environment

Release : 14.4

Resolution

Engineering provided HF_VA-14.4.2-20231019183619-TF_DE581095.tgz.gpg , resolved

 

Powered by Wolken Software