How to disable CBC mode and to use 3DES in univers...

prakashraja1999 · ‎02-11-2022

How to disable CBC mode and to use 3DES in universal forwarder 8089 port?

PickleRick · ‎02-11-2022

Well. CBC and 3DES are separate things. Although I never heard of 3DES used in any other mode than CBC.

Anyway, if you want to enable 3DES you may try cipherSuite setting in [SSL] stanza of server.conf or in appropriate inputs.conf stanza. But you really shouldn't do that. 3DES is not considered secure and TLS1.3 explicitly doesn't include this suite.

prakashraja1999 · ‎02-11-2022

Thanks for your answer,

Questions,

1. Do these changes are to be made in indexers or Universal forwarder??

2. Do i want to configure/change anything in the certificates?

PickleRick · ‎02-11-2022

Depends on the rest of your configuration. TLS negotiation is - as the name suggests - a negotiation so both sides participate in it to find overlapping set of parameters acceptable to both sides. So if you set one side to accept only 3DES-CBC and the other to stick to AES-GCM the negotiation will fail.

How to disable CBC mode and to use 3DES in universal forwarder 8089 port?

forwarder management

search head

Enterprise Security Content Update (ESCU) | New Releases

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!