Is there anywhere to harden the ciphers for TCP port 4433 using CC commands ? I cannot seem to find it. But both NMAP and Nessus tool detect port TCP 4433 has weak ciphers and still using TLS 1.1.
Below is the list of weak ciphers found. The weak ciphers are: a. TLS_RSA_WITH_AES_128_CBC_SHA b. TLS_RSA_WITH_AES_128_CBC_SHA256 c. TLS_RSA_WITH_AES_128_GCM_SHA256 d. TLS_RSA_WITH_AES_256_CBC_SHA e. TLS_RSA_WITH_AES_256_CBC_SHA256 and TLS 1.1 still in used in TCP 4433.
For webadmin using port TCL 4444 and 4422, i am able to use CC commands to harden the selection of ciphers.
Hi Peng and welcome to the UTM Community!
This would be a good question for Support if you have a paid license for UTM. My guess is that the issue is addressed on SUM with a different certificate and that cert would then be uploaded to the UTM in 'Central Management'. Please let us know what you learn.
Cheers - Bob