[SR-Users] Disabling weak SSL Cypher suites
Federico Cabiddu
federico.cabiddu at gmail.com
Tue Dec 10 08:03:51 CET 2019
Hi,
for enabling a specific set of ciphers have a look at tls module's
cipher_list param:
http://www.kamailio.org/docs/modules/5.4.x/modules/tls.html#tls.p.cipher_list
.
For supporting specific versions of TLS look at tls_method param:
http://www.kamailio.org/docs/modules/5.4.x/modules/tls.html#tls.p.tls_method
.
Cheers,
Federico
On Tue, Dec 10, 2019 at 7:30 AM Arik Halperin <arik.halperin at s3code.com>
wrote:
> Hello,
>
> How can I disable:
>
>
> TLS_RSA_WITH_RC4_128_SHA (0x5) *INSECURE*128
>
> TLS_RSA_WITH_RC4_128_MD5 (0x4) *INSECURE*128
>
> What should I put in cypher_list in order to disable the above?
>
> I would also like support TLS 1.2 and TLS 1.3, but remove support for 1.0
> and 1.1
>
> Thanks,
> Arik Halperin
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20191210/4ad3222d/attachment.html>
More information about the sr-users
mailing list