Re: [SR-Users] Disabling weak SSL Cypher suites

10 Dec 2019

Hi,
for enabling a specific set of ciphers have a look at tls module's
cipher_list param:
http://www.kamailio.org/docs/modules/5.4.x/modules/tls.html#tls.p.cipher_li…
.
For supporting specific versions of TLS look at tls_method param:
http://www.kamailio.org/docs/modules/5.4.x/modules/tls.html#tls.p.tls_method
.

Cheers,

Federico

On Tue, Dec 10, 2019 at 7:30 AM Arik Halperin &lt;arik.halperin(a)s3code.com&gt;
wrote:

...
  Hello,

 How can I disable:

 TLS_RSA_WITH_RC4_128_SHA (0x5)   *INSECURE*128

 TLS_RSA_WITH_RC4_128_MD5 (0x4)   *INSECURE*128

 What should I put in cypher_list in order to disable the above?

 I would also like support TLS 1.2 and TLS 1.3, but remove support for 1.0
 and 1.1

 Thanks,
 Arik Halperin
 _______________________________________________
 Kamailio (SER) - Users Mailing List
 sr-users(a)lists.kamailio.org
 https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Re: [SR-Users] Disabling weak SSL Cypher suites