Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 4537 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL Cipher Exchange Method when connecting to smtps

AndiB.
Hi,

I'm using a sophos utm 9 with smtp proxy. Things are working great so far. 

I checked the provided ciphers when connecting via port 465.

this was my command:
openssl s_client -cipher 'EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA256 EECDH+aRSA+RC4 EDH+aRSA EECDH RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS' -connect my.domain:465

This is the cipher, which is used.

>>>
SSL-Session:
    Protocol  : TLSv1
    Cipher    : RC4-SHA


This thread was automatically locked due to age.
Parents
  • 0
    Hi, Andi, and welcome to the User BB!

    I don't know what you might do at the command line.  On the 'Advanced' tab of 'SMTP', you can select the certificate used for TLS.  By default, that's the WebAdmin cert created when the UTM was first installed.  I presume that you could get your own cert+CA using a different cipher, upload them in Certificate Management and select the cert on the 'Advanced' tab.

    Just curious - why would you want to do that?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Hi, Andi, and welcome to the User BB!

    I don't know what you might do at the command line.  On the 'Advanced' tab of 'SMTP', you can select the certificate used for TLS.  By default, that's the WebAdmin cert created when the UTM was first installed.  I presume that you could get your own cert+CA using a different cipher, upload them in Certificate Management and select the cert on the 'Advanced' tab.

    Just curious - why would you want to do that?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML