
How to change the Cipher Suites to the 8443 Listen Port?

Question asked by Jaime Valencia on Sep 24, 2015
Latest reply on Oct 19, 2015 by Nicolas Afonso




I noticed the default administrative port 8443 is using a weak ephemeral Diffie-Hellman public key exchange, prone to Logjam-like vulnerabilities. So I tried to change the cipher suites associated with this port, but as Policy Manager itself uses this communication channel (port 8443), when I tried to apply the changes in “Manage Listen Port” > “8443” > Properties SSL/TLS, Policy Manager states “Unable to modify the listen port form the current admin connection” (actually, it makes sense; it's kind of a bootstrapping condition).





How can I change the TLS configuration of port 8443 so that it works with a more secure set of cipher suites, and also with TLS 1.2? And what needs to be done in the Policy Manager to be able to connect to the new configuration?