Cipher Suite Customization in Min Version TLS 1.2

Hi All,

We are using a Cloudflare Pro plan and have an issue with our website SSL. We enabled CF proxy for our website, so that we are seeing “sni-cloudflaressl-com” as the Subject in ssl labs tests. We understand that the connection from brower → CF → Server is happening here. But our problem is, weak cipher suites in TLS 1.2. We are using Minimum TLS Version as TLS 1.2. So during the SSL labs checks we found many weak ciphers in the results. We want to remove these weak ciphers and we found the some docs and that docs says that we need “Advanced Certificate Manager”.

From the SSL/TLS Edge Certificates secsion we can see that we are using “Universal” Type. So we want to know more about this and clear our doubts:

  1. Can we edit the ciphers suites in Universal Type? Or we should purchase the Advanced Certificate Manager?
  2. If we purchase the Advanced Certificate Manager, how is the cost for that?
  3. If we purchase the Advanced Certificate Manager and switch to that new cert, will cause any down time to our site?
1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.