[SR-Users] Disabling weak SSL Cypher suites
Henning Westerholt
hw at skalatan.de
Tue Dec 10 08:23:33 CET 2019
Hello,
small addition - it is not possible to only specify TLS v1.3 at the moment (but work is planned here) - use TLSv1.2+ to get all version equal or larger TLS 1.2.
Cheers,
Henning
--
Henning Westerholt - https://skalatan.de/blog/
Kamailio services - https://gilawa.com<https://gilawa.com/>
From: sr-users <sr-users-bounces at lists.kamailio.org> On Behalf Of Arik Halperin
Sent: Tuesday, December 10, 2019 7:29 AM
To: sr-users at lists.kamailio.org
Cc: Tsur Arieli <tsur at telemessage.com>; Yossi Shteingart <yossi at telemessage.com>
Subject: [SR-Users] Disabling weak SSL Cypher suites
Hello,
How can I disable:
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE128
TLS_RSA_WITH_RC4_128_MD5 (0x4) INSECURE128
What should I put in cypher_list in order to disable the above?
I would also like support TLS 1.2 and TLS 1.3, but remove support for 1.0 and 1.1
Thanks,
Arik Halperin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20191210/bcc0d101/attachment.html>
More information about the sr-users
mailing list