TLS/SSL Server Supports The Use of Static Key Ciphers - Negotiated with the insecure cipher suites

Balaji_Arun_Kumar_Sa · July 27, 2022, 8:56pm

Problem: TLS/SSL Server Supports The Use of Static Key Ciphers
*
Negotiated with the following insecure cipher suites:
* TLS 1.2 ciphers:
* TLS_RSA_WITH_AES_128_CBC_SHA
* TLS_RSA_WITH_AES_128_CBC_SHA256
* TLS_RSA_WITH_AES_128_GCM_SHA256
* TLS_RSA_WITH_AES_256_CBC_SHA
* TLS_RSA_WITH_AES_256_CBC_SHA256
* TLS_RSA_WITH_AES_256_GCM_SHA384

Expected outcome: Insecure cipher suites are disabled.

Foreman and Proxy versions: foreman-3.2.0-1, foreman-proxy-3.2.0-1

Foreman and Proxy plugin versions: katello-4.4.0-1

Distribution and version: Red Hat Enterprise Linux release 8.6 (Ootpa)

Other relevant data:

Please help me disabling the insecure ciphers suites…

TLS 1.2 ciphers:
* TLS_RSA_WITH_AES_128_CBC_SHA
* TLS_RSA_WITH_AES_128_CBC_SHA256
* TLS_RSA_WITH_AES_128_GCM_SHA256
* TLS_RSA_WITH_AES_256_CBC_SHA
* TLS_RSA_WITH_AES_256_CBC_SHA256
* TLS_RSA_WITH_AES_256_GCM_SHA384

Best regards,
Balaji Sankaran.

Balaji_Arun_Kumar_Sa · August 9, 2022, 7:10pm

I resolved it by disabling TLS 1.1, TLS 1.2 and enabled only TLS 1.3.