Hello Support!
Any idea how to fix or troubleshoot this vulnerability ?
-----------------------------------------vulnerability-----------------------------------------------------------------------------------------
[medium] [6514/101915888/tls-syslog?] IETF X.509 SSL Certificate Signature
Collision Vulnerability
The following certificates were part of the certificate chain sent by the
remote host, but contain hashes that are considered to be weak.
------------------------------------------Linux
version----------------------------------------------------------------------------------------
root@atlbyzns01:~# uname -a
Linux atlbyzns01 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21)
x86_64 GNU/Linux
------------------------------------------tls
version----------------------------------------------------------------------------------------
openssl.exe s_client -connect xx.xx.xx.xx:6514
CONNECTED(00000104)
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Regards,
Mauricio Borges
IBM Certified IT Specialist, Domino & iSeries Administrator
Global Business Services - AppOps
IBM Services
[email protected]
