Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Walter_Mutebuka
Participant

Disable TLS/SSL support for static key cipher suites

Jump to solution

Hi,

We recently ran a vulnerability scan and we got this recommendation "Disable TLS/SSL support for static key cipher suites" is there an SK to guide us through this? What's the impact if we implement this in terms of breaking something? 

0 Kudos
Reply
1 Solution
4 Replies
Walter_Mutebuka
Participant

Thanks a lot, sorry for the late response 😊

0 Kudos
Reply
nolankam
Explorer

Hi,  I tried this as well to disable TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA, by moving these to the "forbidden" section, ran the registry update and pushed the policy. But when we ran nmap, we had the same ciphers showing up. 

0 Kudos
Reply
Walter_Mutebuka
Participant

Did you reboot at some point? I'v noticed that sometimes it does not survive reboots

0 Kudos
Reply