Weak TLS Ciphers still detected after

n.east · June 20, 2024, 2:10pm

What is the name of the domain?

.

What is the isssue you’re encountering

After following the recommended steps to remove weak ciphers from our site we are still seeing them after running a scan on ssllabs

What steps have you taken to resolve the issue?

Purchased and installed an Advanced SSL certificate.
Disabled weak cipher suites.
Configured the server to use the recommended list of modern ciphers via the provided curl command.

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full (strict)

Screenshot of the error

bujangnim · June 21, 2024, 7:40pm

Hi @n.east,

In your message, I see that you mentioned that you configured the server, to not use weak ciphers. Did you mean that you did this for the Cloudflare edge?

Please review Disable weak cipher suites · Cloudflare SSL/TLS docs and check the result code after you enter the API curl command. Verify that your API key and zone ID are correct.

n.east · June 21, 2024, 8:38pm

Hi @bujangnim, we have made the documented cURL quest to the Cloudflare API which resulted in a success message, after this change we tested via ssllabs.com and are still seeing weak 1.2 ciphers.

Any suggestion, or have we missed anything in the set up?

Thanks

system · July 6, 2024, 8:39pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cipher hardening not working General	7	37	January 14, 2025
Weak SSL Cipher issue Access dash-ssl-tls	1	3471	May 19, 2019
Insecure ciphers - which SSL will fix? Security	2	882	November 15, 2023
Cloudflare does not switch TLS version Security dash-ssl-tls	1	3061	July 22, 2018
[Question](08-03-2025) Weak Encryption (Weak Ciphers) sent by client (Screenshot) General	1	10	March 8, 2025