Security

Way to set cipher order preference in cipherSuite ?

evanr76
New Member

I was surprised to find that splunkweb does not send a preferred list of ciphers according to their order of appearance in the cipherSuite directive.

Is there a way to have splunkweb express a cipher order preference, similar to the SSLHonorCipherOrder directive in Apache?

Otherwise, I'm finding it harder than expected to convince modern browsers to support PFS ciphers while degrading gracefully for older ones.

Tags (2)
0 Karma

MuS
Legend

Hi evanr76,

have a look at this answer where you can read something about this topic http://answers.splunk.com/answers/134053/ciphersuite-in-various-conf-files.html

cheers, MuS

0 Karma

cfloyd_inap
Engager

This doesn't address the question about HonorCipherOrder. PEN tools still flag the web server as being vulnerable to Secure Client-Initiated Renegotiation

xavierashe
Contributor
0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...