Collaborate Disseminate
Where can I get the definitive list of weak ciphers? Various tools are listing ciphers as weak but these vary somewhat. Which CBC ciphers specifically currently suffer with known weaknesses and where can I get more information on this?
The… Continue reading Weak SSL/TLS Ciphers
I am having a Handshake session of PSK_only mode in TLS1.3 , where I use PSK’s established out of band.
consider, client Hello is sent with the extensions of supported_versions, PreSharedKey, psk_key_exchange_modes
Q1)If server sends a Hel… Continue reading In TLS1.3 can the client hello have the extensions which were not sent as part of HelloRetryRequest
Nexpose reports the following vulnerability:
TLS/SSL Server Supports The Use of Static Key Ciphers. Negotiated with the following insecure cipher suites:
TLS 1.2 ciphers: TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
Bu… Continue reading Nexpose reporting ciphers not present in machine
I am migrating to Artifactory on RHEL8 as a Docker remote repository, i.e. Artifactory is a proxy for a docker registry hosted through Jfrog.io.
We have a legacy registry with config in /etc/docker/certs.d/. Another instance works fine wit… Continue reading docker daemon reports ‘tls: unconfigured cipher suite’ for Nginx reverse proxy of Artifactory Docker registry