Page 1 of 1
How do I disable RC4 ciphers for web server?
Posted: Sat Nov 02, 2013 2:40 pm
by RuneTM
As the title states, I am interested in completely disabling support of RC4 ciphers, for the webserver that the AS uses.
I have looked into
this webpage, but as I understand it, it is for the actual VPN connection, not the webserver.
So, does anyone know how I can do this?
Re: How do I disable RC4 ciphers for web server?
Posted: Tue Jan 27, 2015 9:08 pm
by toddles
Hi-
I'm interested in removing the RC4 cipher from the webserver as well. Does anyone know of a way to do this?
Thanks,
Todd
Re: How do I disable RC4 ciphers for web server?
Posted: Wed Jun 24, 2015 4:39 pm
by bdelpizzo@kpmg.com
Hi,
Has anyone been able to remove RC4 ciphers from the https web interface? We have switched to TLSv1.2 for both VPN and Web access, but port 443 is still allowing TLS_RSA_WITH_RC4_128_SHA
Any help would be greatly appreciated!
Thanks,
Brian
Re: How do I disable RC4 ciphers for web server?
Posted: Mon Nov 30, 2015 2:54 pm
by SPONGE
Seems no one has any idea. Looking for a solution to this too as our OpenVPN failed our network perimeter security/pen test because of weak RC4 ciphers and need to resolve asap.
Re: How do I disable RC4 ciphers for web server?
Posted: Sat Dec 05, 2015 4:28 pm
by djengineer
Run this command on the server (make sure you are updated to atleast 2.0.21):
./sacli -k cs.openssl_ciphersuites -v 'DEFAULT:!EXP:!PSK:!SRP:!LOW:!RC4:!kRSA' ConfigPut
./sacli start