Forum Discussion

Johnde's avatar
Johnde
Icon for Cirrus rankCirrus
Apr 01, 2020

Ciphers for restricting traffic to TLS1.2

Hello team,

 

We want to disable all the lower TLS/SSL versions like SSLv3, TLS1.0 and TLS1.2 under client SSL profiles. I know i can easily do it through options list by enabling no SSLv3 etc. I know we can also achieve it using ciphers. I am looking for that Cipher string.

 

Does anyone have it? Please share it.

 

Thank you

  • Please try below string.

     

    ALL:!DHE:!ADH:!EXPORT:!SSLv2:!EXPORT40:!EXP:!LOW:!RC4:!SSLv3:!MEDIUM:!3DES:!RSA:!TLSv1:!TLSv1_1

     

    I've used this in my setup and it is working as expected. Hope it helps you too.

     

    Mayur

  • Please try below string.

     

    ALL:!DHE:!ADH:!EXPORT:!SSLv2:!EXPORT40:!EXP:!LOW:!RC4:!SSLv3:!MEDIUM:!3DES:!RSA:!TLSv1:!TLSv1_1

     

    I've used this in my setup and it is working as expected. Hope it helps you too.

     

    Mayur

    • Johnde's avatar
      Johnde
      Icon for Cirrus rankCirrus

      It worked as per expectations man. Thanks a lot!