Jerome,


Thanks for the clarification.

This string:

CHACHA20:AESGCM:AESCCM:!RSA

resulted in an F grade from SSL Labs due to the inclusion of TLS_DH_anon ciphers:

[inline image attachment: image001.jpg]

After adding the following to the end of the string, it scored an A+:

:!aNULL

Norman Branitsky
Senior Cloud Architect
P: 416-916-1752

-----Original Message-----
From: Jerome Magnin <jmag...@haproxy.com>
Sent: Wednesday, April 22, 2020 3:20 PM
To: Branitsky, Norman <norman.branit...@tylertech.com>
Cc: haproxy@formilux.org
Subject: Re: How to suppress weak ciphers

On Wed, Apr 22, 2020 at 06:20:14PM +0000, Branitsky, Norman wrote:

> As you can see from my pasted configuration, I was specifying exactly 4
> ciphers.
> The 2 weak CBC ciphers were magically appearing in the SSL Labs report.
> I tried to explicitly delete them - but the delete request is ignored.
>
> It seems that this entry, for example, must actually be a family:
> ECDHE-RSA-AES256-SHA384
> which includes
> ECDHE-RSA-AES256-CBC-SHA384
> Not clear why the explicit delete command doesn't delete the CBC cipher.
>

the configuration you shared excludes ciphers that are not actually ciphers.
I'm guessing this is why you still see what you try to disable when you test
with ssllabs.

there is no ECDHE-RSA-AES256-CBC-SHA384 in man ciphers(1), and no
ECDHE-RSA-AES128-CBC-SHA384.

On the other hand ECDHE-RSA-AES256-SHA384 is the openssl equivalent to
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 so you probably got things mixed up.

> Do you use the following specification and do you find sufficient support of
> existing browsers?
> ssl-default-bind-ciphers CHACHA20:AESGCM:AESCCM:!RSA
> Or is this too aggressive?
>

It does not support safari from 6 to 8 on IOS and OSX, and IE11 on windows
phone 8.1.

I can share ssllabs report privately if you want.

Jérôme
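The two points of this thread, that `CHACHA20:AESGCM:AESCCM:!RSA` silently pulls in anonymous (TLS_DH_anon) suites until `!aNULL` is appended, and that OpenSSL ignores an exclusion naming a suite that does not exist (`ECDHE-RSA-AES256-CBC-SHA384`, whose real OpenSSL name is `ECDHE-RSA-AES256-SHA384`), can both be checked locally before touching haproxy, because haproxy passes the `ssl-default-bind-ciphers` string to OpenSSL as-is. The script below is an added example, not code from the thread or from the haproxy project; it assumes the `openssl` command-line tool is on PATH, and the `-stdname` option it uses for the IANA name lookup exists only in OpenSSL 1.1.1 and later.

```shell
#!/bin/sh
# Added example, not code from the haproxy thread above. haproxy hands the
# ssl-default-bind-ciphers string to OpenSSL unchanged, so the openssl CLI
# shows exactly which suites a string enables. Assumes the openssl binary
# is on PATH; 'openssl ciphers -v' prints one suite per line in the form
#   NAME PROTOCOL Kx=... Au=... Enc=... Mac=...
# Anonymous (TLS_DH_anon / ADH / AECDH) suites show up as "Au=None".

# Expand a cipher string into its TLS 1.2-and-older suites, one per line.
# OpenSSL 1.1.1+ also prints the TLS 1.3 suites on every call because they
# are configured separately (haproxy: ssl-default-bind-ciphersuites), so
# those lines are filtered out to keep the counts honest.
expand_ciphers() {
    openssl ciphers -v "$1" 2>/dev/null | grep -v 'TLSv1\.3' || true
}

# Number of suites the string expands to (0 for an empty or invalid string).
suite_count() {
    expand_ciphers "$1" | grep -c . || true
}

# Number of unauthenticated suites in the expansion; anything above 0 is
# what SSL Labs grades F.
anon_count() {
    expand_ciphers "$1" | grep -c 'Au=None' || true
}

# Exit status 0 if the string selects at least one suite, 1 otherwise.
# OpenSSL skips tokens it does not recognise (including "!unknown") without
# complaint, so a typo in an exclusion does not fail the string, it just
# does nothing; only a string that selects no suite at all is rejected.
cipher_string_ok() {
    openssl ciphers "$1" >/dev/null 2>&1
}

# IANA name for an OpenSSL suite name, e.g. ECDHE-RSA-AES256-SHA384 gives
# TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (the CBC is only visible in the
# IANA name). Needs the -stdname option, present since OpenSSL 1.1.1.
iana_name() {
    openssl ciphers -v -stdname "$1" 2>/dev/null \
        | awk -v want="$1" '$3 == want { print $1; exit }'
}

if command -v openssl >/dev/null 2>&1; then
    original='CHACHA20:AESGCM:AESCCM:!RSA'
    fixed="$original:!aNULL"
    printf '%s -> %s suites, %s anonymous\n' \
        "$original" "$(suite_count "$original")" "$(anon_count "$original")"
    expand_ciphers "$original" | grep 'Au=None' || true
    printf '%s -> %s suites, %s anonymous\n' \
        "$fixed" "$(suite_count "$fixed")" "$(anon_count "$fixed")"
    # a misspelled exclusion is ignored, so the suite it targets survives
    bad='ECDHE-RSA-AES256-SHA384:!ECDHE-RSA-AES256-CBC-SHA384'
    printf '%s -> %s suites\n' "$bad" "$(suite_count "$bad")"
    printf 'ECDHE-RSA-AES256-SHA384 is %s\n' "$(iana_name ECDHE-RSA-AES256-SHA384)"
fi
```

Run it as `sh check-ciphers.sh`; the `Au=None` lines it prints for the original string are the ADH GCM suites that SSL Labs reported as TLS_DH_anon, and the count drops to zero once `:!aNULL` is appended. The `bad` string still expands to one suite, which is the silent-ignore behaviour that made the explicit delete look like it was being refused.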
