Hello folks! We have configured the following: Ciphers "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS:!EDH-RSA-DES-CBC3-SHA:!DES-CBC3-SHA:!DHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES256-SHA256:!DHE-RSA-AES256-SHA:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-SHA256:!DHE-RSA-AES128-SHA:!SSLv3"
Now we'd need to add the following cipher suites TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 and therefore added the following to the "Ciphers" parameter: ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 according to https://www.openssl.org/docs/manmaster/apps/ciphers.html Questions: -Why doesn't this list any additional ciphers? nmap --script ssl-enum-ciphers -p 443 $pound_host -Is there a way to provide TLSv1.0 and 1.1 with having SSLv3 disabled? Pound Version : 2.7 OpenSSL Version: 1.0.2f 28 Jan 2016 -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
