We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hi Mike,
I tested the supported cipher by openvas, but these ciphers are too weak. Do you plan to allow more secure cipher list ?
Here the current list of acceptable ciphers on openvas :
Testing AES256-GCM-SHA384...YES Testing AES256-SHA256...YES Testing AES256-SHA...YES Testing CAMELLIA256-SHA...YES Testing AES128-GCM-SHA256...YES Testing AES128-SHA256...YES Testing AES128-SHA...YES Testing CAMELLIA128-SHA...YES Testing DES-CBC3-SHA...YES
The text was updated successfully, but these errors were encountered:
Hi @konvergence please take a look at this PR and see if it addresses your issue: #156
This was just merged in and is in the process of being built and deployed.
Sorry, something went wrong.
I get well the new restricted ciphers :
Testing AES256-GCM-SHA384...YES Testing AES256-SHA256...YES Testing AES256-SHA...YES Testing CAMELLIA256-SHA...YES Testing AES128-GCM-SHA256...YES
But regarding to https://www.ssllabs.com/ssltest/analyze.html, it's steell to weak
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) WEAK | 256 TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) WEAK | 256 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK | 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x84) WEAK | 256 TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) WEAK | 128
Is it possible to allow the same ciphers with ECDHE or DHE mode ? for example :
ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 ECDHE-RSA-AES256-SHA DHE-RSA-AES128-GCM-SHA256
sorry I did'nt want to close
No branches or pull requests
Hi Mike,
I tested the supported cipher by openvas, but these ciphers are too weak.
Do you plan to allow more secure cipher list ?
Here the current list of acceptable ciphers on openvas :
The text was updated successfully, but these errors were encountered: