Control Cryptographic Protocols Used
Posted: 2020-01-17 03:51
Recent audit scan reported that Filezilla server allows SSL connection while TLSv1.2 is not used.
Is it the installed certificate issue or Filezilla server setting issue?
What I want to achieve are as follows:
1. Disable SSL 2.0 and 3.0. Use TLS 1.1 or higher.
2. SSL certificate signed using weak hashing algorithm.
3. SSL Medium Strength Cipher Suites supported (SWEET32). The remote service supports the use of medium strength SSL ciphers. Avoid the use of medium strength ciphers.
4. Configure SSL/TLS servers to only use TLS 1.1/1.2.
5. Configure SSL/TLS servers to only support cipher suites that do not use block ciphers.
6. Disable the use of weak cipher suites
7. Disable the use of SSL Null cipher suites
8. Disable the use of SSL/TLS EXPORT_RSA <= 52-bit Cipher Suites Supported (FREAK)
Is it the installed certificate issue or Filezilla server setting issue?
What I want to achieve are as follows:
1. Disable SSL 2.0 and 3.0. Use TLS 1.1 or higher.
2. SSL certificate signed using weak hashing algorithm.
3. SSL Medium Strength Cipher Suites supported (SWEET32). The remote service supports the use of medium strength SSL ciphers. Avoid the use of medium strength ciphers.
4. Configure SSL/TLS servers to only use TLS 1.1/1.2.
5. Configure SSL/TLS servers to only support cipher suites that do not use block ciphers.
6. Disable the use of weak cipher suites
7. Disable the use of SSL Null cipher suites
8. Disable the use of SSL/TLS EXPORT_RSA <= 52-bit Cipher Suites Supported (FREAK)