Hello,
small addition – it is not possible to only specify TLS v1.3 at the moment (but work is planned here) – use TLSv1.2+ to get all version equal or larger TLS 1.2.
Cheers,
Henning
From: sr-users <sr-users-bounces@lists.kamailio.org>
On Behalf Of Arik Halperin
Sent: Tuesday, December 10, 2019 7:29 AM
To: sr-users@lists.kamailio.org
Cc: Tsur Arieli <tsur@telemessage.com>; Yossi Shteingart <yossi@telemessage.com>
Subject: [SR-Users] Disabling weak SSL Cypher suites
Hello,
How can I disable:
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE128
TLS_RSA_WITH_RC4_128_MD5 (0x4) INSECURE128
What should I put in cypher_list in order to disable the above?
I would also like support TLS 1.2 and TLS 1.3, but remove support for 1.0 and 1.1
Thanks,
Arik Halperin