Removing TLS_RSA_WITH_AES_ * ciper suites


I did a ssllabs test checking the ciphers:

I got weak ciphers based all on RSA:


TLS_RSA_WITH_AES_128_GCM_SHA256 ( 0x9c ) WEAK 128
TLS_RSA_WITH_AES_128_CBC_SHA ( 0x2f ) WEAK 128

How can I remove these ciphers ?

Many thanks in advance.

Kindly regards

You won’t be able to if using Cloudflare SSL as they’re there for backwards compatibility with older browser/clients. Modern client/browsers will always negotiate a stronger ssl cipher above them with higher order priority when negotiating a connection.

1 Like

Ich didn’t try this yet, and I could swear that there were no weak ciphers last time In checked my website, nie there are:

Since existing HSTS headers seem to be respected and overiding Dashboard settings (HSTS is set to Off) or could bei worth ckeck the server and remove them. I can’t do this at the moment. I may be wrong.

But the results are not that dramatic. As @eva2000 wrote.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.