- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Way to set cipher order preference in cipherSuite ?
I was surprised to find that splunkweb does not send a preferred list of ciphers according to their order of appearance in the cipherSuite directive.
Is there a way to have splunkweb express a cipher order preference, similar to the SSLHonorCipherOrder directive in Apache?
Otherwise, I'm finding it harder than expected to convince modern browsers to support PFS ciphers while degrading gracefully for older ones.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
![MuS MuS](https://community.splunk.com/legacyfs/online/avatars/2122.jpg)
Hi evanr76,
have a look at this answer where you can read something about this topic http://answers.splunk.com/answers/134053/ciphersuite-in-various-conf-files.html
cheers, MuS
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This doesn't address the question about HonorCipherOrder. PEN tools still flag the web server as being vulnerable to Secure Client-Initiated Renegotiation
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
![xavierashe xavierashe](https://community.splunk.com/legacyfs/online/avatars/474532.jpg)
@cfloyd_inap,
I am getting the same results and posted the question here.
https://answers.splunk.com/answers/525285/splunk-list-vulnerable-to-secure-client-initiated.html
![](/skins/images/53C7C94B4DD15F7CACC6D77B9B4D55BF/responsive_peak/images/icon_anonymous_message.png)