Remediation of TLS/SSL Weak Cipher Suites in Aria Suite Lifecycle Manager 8.x
search cancel

Remediation of TLS/SSL Weak Cipher Suites in Aria Suite Lifecycle Manager 8.x

book

Article ID: 379746

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

TLS/SSL Weak Message Authentication Code Cipher Suites (ssl-weak-message-authentication-code-algorithms) identified in Aria Suite Lifecycle Manager 8.x

Environment

Aria Suite Lifecycle Manager 8.x

Cause

The ciphers used in SSL configuration in Aria Suite Lifecycle is reported as insecure by the Security scanners used in the organization.

Resolution

Kindly make sure to have a snapshot / backup of the Aria Suite Lifecycle Manager appliance prior following the steps below:

  • Open the Nginx SSL configuration file located at /etc/nginx/ssl.conf
  • Replace the line: ssl_ciphers !aNULL:ECDHE+AES; with ssl_ciphers !aNULL:ECDHE+AES:!ECDHE-RSA-AES128-SHA256:!ECDHE-RSA-AES256-SHA384;
  • Reload the Nginx service to apply the changes: systemctl reload nginx