TLS/SSL Weak Message Authentication Code Cipher Suites (ssl-weak-message-authentication-code-algorithms) identified in Aria Suite Lifecycle Manager 8.x
Aria Suite Lifecycle Manager 8.x
The ciphers used in SSL configuration in Aria Suite Lifecycle is reported as insecure by the Security scanners used in the organization.
Kindly make sure to have a snapshot / backup of the Aria Suite Lifecycle Manager appliance prior following the steps below:
/etc/nginx/ssl.conf
ssl_ciphers !aNULL:ECDHE+AES;
with ssl_ciphers !aNULL:ECDHE+AES:!ECDHE-RSA-AES128-SHA256:!ECDHE-RSA-AES256-SHA384;
systemctl reload nginx