• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Question CAMELLIA Cipher removal after Tune Plesk to Meet PCI DSS on Linux

W

Will B

New Pleskian
I already used Tune Plesk to Meet PCI DSS on Linux at Tune Plesk to Meet PCI DSS on Linux

I went through everything, now I am trying to take out 4 ciphers.

tlsv1.1 tlsv1.2

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA


Tune Plesk to Meet PCI DSS puts these ciphers:
--ciphers="EECDH+AESGCM+AES128:EECDH+AESGCM+AES256:EDH+AESGCM+AES128:EDH+AESGCM+AES256:EECDH+SHA256+AES128:EECDH+SHA384+AES256:EDH+SHA256+AES128:EDH+SHA256+AES256:EECDH+SHA1+AES128:EECDH+SHA1+AES256:EDH+SHA1+AES128:EDH+SHA1+AES256:EECDH+HIGH:EDH+HIGH:AESGCM+AES128:AESGCM+AES256:SHA256+AES128:SHA256+AES256:SHA1+AES128:SHA1+AES256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!KRB5:!aECDH:!EDH+3DES"

I am trying to remove CAMELLIA from the cipher list. I don't want to do away with tlsv1.1. I just want to remove CAMELLIA. Anyone know the ciphers in the list to remove to remove CAMELLIA?

Thank you
 
Same here. Running test on SSLLabs show me a lot of weak cyphers.
 

Attachments

  • 17-05-_2018_10-03-20.png
    17-05-_2018_10-03-20.png
    229.6 KB · Views: 6
You must log in or register to reply here.

Similar threads

J
Issue DEBIAN 12 OPENSSL 3.0 DOVECOT does not allow login
Replies
1
Views
2K
Yaroslav_T
Yaroslav_T
J
Question Dovecot Error: auth-master: userdb list: User listing returned failure
Replies
3
Views
4K
solomongrundy5
S
T
Issue SMTPD No Auth from IP Issue
Replies
2
Views
2K
Tessxr
T
O
Question Nginx compile by Plesk and chipers
Replies
6
Views
3K
IgorG
IgorG
M
Question changed nginx ssl.conf
Replies
2
Views
2K
moswak
M
Back
Top