We’ve been asked to make the following modifications to our network traffic by a government entity with which we do business:
- Configure servers to disable TLS 1.0 and TLS 1.1
- Disable weak cipher suites
I can see where to set the TLS version – all good
But how do we “disable weak ciphers”? Is this done automatically as a consequence of setting a higher TLS level? Or do we have to do this elsewhere in the interface?
By disable weak ciphers, we’re only supposed to ALLOW the following:
Is there anyway to determine what ciphers are currently being used?