ESXi

 View Only

Insecure ciphers being flagged in security audit

  • 1.  Insecure ciphers being flagged in security audit

    Posted Oct 31, 2017 02:04 PM

    I am running ESXi version 6. I have run the tlsreconfigurator and turned off TLS 1.0 and 1.1. I also turned off TLS 1.0 and 1.1 on port 5989. The hosts are still being flagged for this:

    • Negotiated with the following insecure cipher suites:
      • TLS 1.2 ciphers:
        • TLS_RSA_WITH_AES_128_CBC_SHA
        • TLS_RSA_WITH_AES_128_CBC_SHA256
        • TLS_RSA_WITH_AES_128_GCM_SHA256
        • TLS_RSA_WITH_AES_256_CBC_SHA
        • TLS_RSA_WITH_AES_256_CBC_SHA256
        • TLS_RSA_WITH_AES_256_GCM_SHA384

    on ports 443 and 5989

    How do I turn these off? This and the self signed certs are all I have left to fix.

    Thank you for any help anyone can provide.

    Matt