As the title states, I am interested in completely disabling support of RC4 ciphers, for the webserver that the AS uses.
I have looked into this webpage, but as I understand it, it is for the actual VPN connection, not the webserver.
So, does anyone know how I can do this?
How do I disable RC4 ciphers for web server?
-
- OpenVpn Newbie
- Posts: 2
- Joined: Sat Nov 02, 2013 2:20 pm
-
- OpenVpn Newbie
- Posts: 1
- Joined: Thu Dec 11, 2014 6:48 pm
Re: How do I disable RC4 ciphers for web server?
Hi-
I'm interested in removing the RC4 cipher from the webserver as well. Does anyone know of a way to do this?
Thanks,
Todd
I'm interested in removing the RC4 cipher from the webserver as well. Does anyone know of a way to do this?
Thanks,
Todd
-
- OpenVpn Newbie
- Posts: 1
- Joined: Wed Jun 24, 2015 4:35 pm
Re: How do I disable RC4 ciphers for web server?
Hi,
Has anyone been able to remove RC4 ciphers from the https web interface? We have switched to TLSv1.2 for both VPN and Web access, but port 443 is still allowing TLS_RSA_WITH_RC4_128_SHA
Any help would be greatly appreciated!
Thanks,
Brian
Has anyone been able to remove RC4 ciphers from the https web interface? We have switched to TLSv1.2 for both VPN and Web access, but port 443 is still allowing TLS_RSA_WITH_RC4_128_SHA
Any help would be greatly appreciated!
Thanks,
Brian
-
- OpenVpn Newbie
- Posts: 2
- Joined: Thu Jun 20, 2013 4:39 pm
Re: How do I disable RC4 ciphers for web server?
Seems no one has any idea. Looking for a solution to this too as our OpenVPN failed our network perimeter security/pen test because of weak RC4 ciphers and need to resolve asap.
-
- OpenVpn Newbie
- Posts: 3
- Joined: Sun Apr 05, 2015 7:52 pm
Re: How do I disable RC4 ciphers for web server?
Run this command on the server (make sure you are updated to atleast 2.0.21):
./sacli -k cs.openssl_ciphersuites -v 'DEFAULT:!EXP:!PSK:!SRP:!LOW:!RC4:!kRSA' ConfigPut
./sacli start
./sacli -k cs.openssl_ciphersuites -v 'DEFAULT:!EXP:!PSK:!SRP:!LOW:!RC4:!kRSA' ConfigPut
./sacli start