Excluding RC4 ciphers still shows up in a TLS scan

Excluding RC4 ciphers still shows up in a TLS scan

   KB 22042        Last updated on 2018-05-30  




0.00
(0 votes)

Purpose

Excluding RC4 ciphers still shows up in a TLS scan.

Resolution

For RC4, we have to specify the 'SSL' ciphers in the exclude list as well:

zmprov mcf +zimbraSSLExcludeCipherSuites SSL_RSA_WITH_RC4_128_MD5
zmprov mcf +zimbraSSLExcludeCipherSuites SSL_RSA_WITH_RC4_128_SHA
zmprov mcf +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
zmmailboxdctl restart

The only change made is that 'TLS' has been replaced with 'SSL' for these specific cipher suites.

Additional Content

  • For detailed explanations of and Ciphers and Security, please visit the official [Security Wiki page].
Verified Against: Zimbra Collaboration 8.6, 8.5, 8.0 Date Created: 05/28/2015
Article ID: https://wiki.zimbra.com/index.php?title=Excluding_RC4_ciphers_still_shows_up_in_a_TLS_scan Date Modified: 2018-05-30



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Wiki/KB reviewed by SME1 SME2 Copyeditor Last edit by Phoenix
Jump to: navigation, search