Question CAMELLIA Cipher removal after Tune Plesk to Meet PCI DSS on Linux

[Will B]

I already used Tune Plesk to Meet PCI DSS on Linux at Tune Plesk to Meet PCI DSS on Linux

I went through everything, now I am trying to take out 4 ciphers.

tlsv1.1 tlsv1.2

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA


Tune Plesk to Meet PCI DSS puts these ciphers:
--ciphers="EECDH+AESGCM+AES128:EECDH+AESGCM+AES256:EDH+AESGCM+AES128:EDH+AESGCM+AES256:EECDH+SHA256+AES128:EECDH+SHA384+AES256:EDH+SHA256+AES128:EDH+SHA256+AES256:EECDH+SHA1+AES128:EECDH+SHA1+AES256:EDH+SHA1+AES128:EDH+SHA1+AES256:EECDH+HIGH:EDH+HIGH:AESGCM+AES128:AESGCM+AES256:SHA256+AES128:SHA256+AES256:SHA1+AES128:SHA1+AES256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!KRB5:!aECDH:!EDH+3DES"

I am trying to remove CAMELLIA from the cipher list. I don't want to do away with tlsv1.1. I just want to remove CAMELLIA. Anyone know the ciphers in the list to remove to remove CAMELLIA?

Thank you

 

[papak]

Same here. Running test on SSLLabs show me a lot of weak cyphers.

 

[daanse]

This Topic witch Cipher works and not have warnings about bad CIphers inside:
Resolved - Use TLS1.2 only and remove specific ciphers...