Forum Discussion
NAG
Jun 18, 2020Cirrostratus
Hi Qasim,
You are seeing that message as RSA is being used as key exchange algorithm. You should consider using ECDHE_RSA for key exchange instead.
Here is how I would solve it.
Requirements:
1) force the use of TLS 1.2
2) Disable RSA as Key exchange algorithm
Steps:
1) go to Client SSL profile you want to edit.
2) Select Advanced Configuration and tick customisation button for Ciphers.
3) Copy and paste the following string
DEFAULT:!TLSv1:!TLSv1_1:!TLSv1_3:!DTLSv1:!DHE:!RSA
Following is the screenshot of client SSL profile I have created to illustrate to you.
Hope this helps.
Please let me know if you have any questions.
-Nag