Forum Discussion
IainThomson85_1
Aug 02, 2016Cumulonimbus
You've still got DES Cipher Suites enabled in your string. Thats what the checker is complaining about.
You'll need to negate this in your Client Side SSL profile.
- SJoshi_230759Aug 02, 2016Nimbostratus
Hi Ian, So I need to modify my ciphers config in SSL profile? DEFAULT:!SSLv3:!RC4:!DES >> should be my new ciphers? Please confirm.
- IainThomson85_1Aug 02, 2016Cumulonimbus
So from your statement
""BEAST:This server is vulnerable to a BEAST attack Make sure you have the TLSv1.2 protocol enabled on your server. Disable the RC4, MD5, and DES algorithms. Contact your web server vendor for assistance""
Your cipher suites still include DES Ciphers (MD5 aren't - so no need to disable those)
The cipher string you've mentioned will work yes.