Security scan of FreeIPA server ports uncovered weak, medium and null ciphers 
on port 389 and 636. We are running ‘ipa-server-3.0.0-37.el6.i686’.
How can I disable/remove these ciphers in my existing setup?

Ciphers Discovered -
TLSv1
  EXP-RC2-CBC-MD5              Kx=RSA(512)    Au=RSA      Enc=RC2-CBC(40)       
   Mac=MD5    export
  EXP-RC4-MD5                  Kx=RSA(512)    Au=RSA      Enc=RC4(40)           
   Mac=MD5    export

TLSv1
  EXP1024-DES-CBC-SHA          Kx=RSA(1024)   Au=RSA      Enc=DES-CBC(56)       
   Mac=SHA1   export
  EXP1024-RC4-SHA              Kx=RSA(1024)   Au=RSA      Enc=RC4(56)           
   Mac=SHA1   export
  DES-CBC-SHA                  Kx=RSA         Au=RSA      Enc=DES-CBC(56)       
   Mac=SHA1

TLSv1
  NULL-SHA                     Kx=RSA         Au=RSA      Enc=None              
   Mac=SHA1

Thanks,
Amb.





This message (including any attachments) contains confidential information 
intended for a specific individual and purpose, and is protected by law. If you 
are not the intended recipient, you should delete this message and any 
disclosure, copying, or distribution of this message, or the taking of any 
action based on it, by you is strictly prohibited.

v.E.1







-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to