[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

SSL Cipher Suite Order

ID: oval:org.secpod.oval:def:19049Date: (C)2014-05-29   (M)2023-07-04
Class: COMPLIANCEFamily: windows




The SSL Cipher Suite Order machine setting should be configured correctly. Determines the cipher suites used by the Secure Socket Layer (SSL). If this setting is enabled, SSL cipher suites will be prioritized in the order specified. If this setting is disabled or not configured, the factory default cipher suite order will be used. SSL2, SSL3, TLS 1.0 and TLS 1.1 cipher suites: * TLS_RSA_WITH_AES_128_CBC_SHA * TLS_RSA_WITH_AES_256_CBC_SHA * TLS_RSA_WITH_RC4_128_SHA * TLS_RSA_WITH_3DES_EDE_CBC_SHA * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521 * TLS_DHE_DSS_WITH_AES_128_CBC_SHA * TLS_DHE_DSS_WITH_AES_256_CBC_SHA * TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA * TLS_RSA_WITH_RC4_128_MD5 * SSL_CK_RC4_128_WITH_MD5 * SSL_CK_DES_192_EDE3_CBC_WITH_MD5 * TLS_RSA_WITH_NULL_SHA * TLS_RSA_WITH_NULL_MD5 TLS 1.2 SHA256 and SHA384 cipher suites: * TLS_RSA_WITH_AES_128_CBC_SHA256 * TLS_RSA_WITH_AES_256_CBC_SHA256 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 * LS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P521 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P521 * TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 * TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 * TLS_RSA_WITH_NULL_SHA256 TLS 1.2 ECC GCM cipher suites: * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P521 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P521 Fix: (1) GPO: Computer Configuration\Administrative Templates\Network\SSL Configuration Settings\SSL Cipher Suite Order (2) KEY: HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002\Functions

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-11076-7
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-11076-7
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2

© SecPod Technologies