[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

SSL Cipher Suite Order

ID: oval:org.secpod.oval:def:19049Date: (C)2014-05-29   (M)2023-07-04
Class: COMPLIANCEFamily: windows




The SSL Cipher Suite Order machine setting should be configured correctly. Determines the cipher suites used by the Secure Socket Layer (SSL). If this setting is enabled, SSL cipher suites will be prioritized in the order specified. If this setting is disabled or not configured, the factory default cipher suite order will be used. SSL2, SSL3, TLS 1.0 and TLS 1.1 cipher suites: * TLS_RSA_WITH_AES_128_CBC_SHA * TLS_RSA_WITH_AES_256_CBC_SHA * TLS_RSA_WITH_RC4_128_SHA * TLS_RSA_WITH_3DES_EDE_CBC_SHA * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521 * TLS_DHE_DSS_WITH_AES_128_CBC_SHA * TLS_DHE_DSS_WITH_AES_256_CBC_SHA * TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA * TLS_RSA_WITH_RC4_128_MD5 * SSL_CK_RC4_128_WITH_MD5 * SSL_CK_DES_192_EDE3_CBC_WITH_MD5 * TLS_RSA_WITH_NULL_SHA * TLS_RSA_WITH_NULL_MD5 TLS 1.2 SHA256 and SHA384 cipher suites: * TLS_RSA_WITH_AES_128_CBC_SHA256 * TLS_RSA_WITH_AES_256_CBC_SHA256 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 * LS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P521 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P521 * TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 * TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 * TLS_RSA_WITH_NULL_SHA256 TLS 1.2 ECC GCM cipher suites: * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P521 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P521 Fix: (1) GPO: Computer Configuration\Administrative Templates\Network\SSL Configuration Settings\SSL Cipher Suite Order (2) KEY: HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002\Functions

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-11076-7
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-11076-7
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2

© SecPod Technologies