• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Question CAMELLIA Cipher removal after Tune Plesk to Meet PCI DSS on Linux

W

Will B

New Pleskian
I already used Tune Plesk to Meet PCI DSS on Linux at Tune Plesk to Meet PCI DSS on Linux

I went through everything, now I am trying to take out 4 ciphers.

tlsv1.1 tlsv1.2

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA


Tune Plesk to Meet PCI DSS puts these ciphers:
--ciphers="EECDH+AESGCM+AES128:EECDH+AESGCM+AES256:EDH+AESGCM+AES128:EDH+AESGCM+AES256:EECDH+SHA256+AES128:EECDH+SHA384+AES256:EDH+SHA256+AES128:EDH+SHA256+AES256:EECDH+SHA1+AES128:EECDH+SHA1+AES256:EDH+SHA1+AES128:EDH+SHA1+AES256:EECDH+HIGH:EDH+HIGH:AESGCM+AES128:AESGCM+AES256:SHA256+AES128:SHA256+AES256:SHA1+AES128:SHA1+AES256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!KRB5:!aECDH:!EDH+3DES"

I am trying to remove CAMELLIA from the cipher list. I don't want to do away with tlsv1.1. I just want to remove CAMELLIA. Anyone know the ciphers in the list to remove to remove CAMELLIA?

Thank you
 
Same here. Running test on SSLLabs show me a lot of weak cyphers.
 

Attachments

  • 17-05-_2018_10-03-20.png
    17-05-_2018_10-03-20.png
    229.6 KB · Views: 6
You must log in or register to reply here.

Similar threads

J
Question Dovecot Error: auth-master: userdb list: User listing returned failure
Replies
2
Views
2K
Jadek
J
T
Issue SMTPD No Auth from IP Issue
Replies
2
Views
1K
Tessxr
T
O
Question Nginx compile by Plesk and chipers
Replies
6
Views
1K
IgorG
IgorG
M
Question changed nginx ssl.conf
Replies
2
Views
974
moswak
M
V
Question Why is PCI DSS compliant Dovecot configuration setting ssl_prefer_server_ciphers to no?
Replies
2
Views
1K
IgorG
IgorG
Back
Top