Excluding RC4 ciphers still shows up in a TLS scan

Revision as of 14:11, 15 June 2015 by Jorge de la Cruz (talk | contribs) (Created page with "{{WIP}}{{Article Infobox|{{admin}}|{{ZCS 8.6}}|{{ZCS 8.5}}|{{ZCS 8.0}}}} =Excluding RC4 ciphers still shows up in a TLS scan= ==Purpose== Excluding RC4 ciphers still shows up ...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Admin Article

Article Information

This article applies to the following ZCS versions.

ZCS 8.6 Article ZCS 8.6ZCS 8.5 Article ZCS 8.5ZCS 8.0 Article ZCS 8.0


Excluding RC4 ciphers still shows up in a TLS scan

Purpose

Excluding RC4 ciphers still shows up in a TLS scan.

Resolution

For RC4, we have to specify the 'SSL' ciphers in the exclude list as well:

zmprov mcf +zimbraSSLExcludeCipherSuites SSL_RSA_WITH_RC4_128_MD5
zmprov mcf +zimbraSSLExcludeCipherSuites SSL_RSA_WITH_RC4_128_SHA
zmprov mcf +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
zmmailboxdctl restart

The only change made is that 'TLS' has been replaced with 'SSL' for these specific cipher suites.

Additional Content

  • For detailed explanations of and Ciphers and Security, please visit the official [Wiki page].
Verified Against: Zimbra Collaboration 8.6, 8.5, 8.0 Date Created: 05/28/2015
Article ID: https://wiki.zimbra.com/index.php?title=Excluding_RC4_ciphers_still_shows_up_in_a_TLS_scan Date Modified: 2015-06-15



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Wiki/KB reviewed by SME1 SME2 Copyeditor Last edit by Jorge de la Cruz
Jump to: navigation, search