Security

Way to set cipher order preference in cipherSuite ?

evanr76
New Member

I was surprised to find that splunkweb does not send a preferred list of ciphers according to their order of appearance in the cipherSuite directive.

Is there a way to have splunkweb express a cipher order preference, similar to the SSLHonorCipherOrder directive in Apache?

Otherwise, I'm finding it harder than expected to convince modern browsers to support PFS ciphers while degrading gracefully for older ones.

Tags (2)
0 Karma

MuS
Legend

Hi evanr76,

have a look at this answer where you can read something about this topic http://answers.splunk.com/answers/134053/ciphersuite-in-various-conf-files.html

cheers, MuS

0 Karma

cfloyd_inap
Engager

This doesn't address the question about HonorCipherOrder. PEN tools still flag the web server as being vulnerable to Secure Client-Initiated Renegotiation

xavierashe
Contributor
0 Karma
Get Updates on the Splunk Community!

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Hey, Splunk Community! Ready to take your data management skills to the next level? Join us for a 3-part ...

Spotting Financial Fraud in the Haystack: A Guide to Behavioral Analytics with Splunk

In today's digital financial ecosystem, security teams face an unprecedented challenge. The sheer volume of ...

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability As businesses scale ...