I noticed the default administrative port 8443 is using a weak ephemeral Diffie-Hellman public key exchange, prone to Logjam-like vulnerabilities. So I tried to change the cipher suites associated with this port, but as Policy Manager itself uses this communication channel (port 8443), when I tried to apply the changes in “Manage Listen Port” > “8443” > Properties > SSL/TLS, Policy Manager states “Unable to modify the listen port from the current admin connection” (actually, it makes sense; it's kind of a bootstrapping condition).

How can I change the TLS configuration of port 8443 so that it works with a more secure set of cipher suites, and also with TLS 1.2? And what is necessary to do in the Policy Manager to be able to connect with the new configuration?
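Added example, not part of the original post and not the product's own tooling: a Python check that can be run against the gateway before and after a listener change to see which protocol and suite port 8443 negotiates, flagging finite-field DHE and versions below TLS 1.2. The function names, the host name and the sample pairs are assumptions made for this illustration.

```python
import socket
import ssl

WEAK_TOKENS = ("EXP", "NULL", "RC4", "DES", "MD5")  # "DES" also catches DES-CBC3

def assess(suite, protocol):
    """Return findings for one negotiated (OpenSSL suite name, protocol) pair."""
    findings = []
    if protocol not in ("TLSv1.2", "TLSv1.3"):
        findings.append("protocol below TLS 1.2: " + protocol)
    parts = suite.upper().split("-")
    # ECDHE is its own token, so only finite-field DHE/EDH suites match here.
    if "DHE" in parts or "EDH" in parts:
        findings.append("finite-field DHE: confirm the group is at least 2048 bits")
    for token in WEAK_TOKENS:
        if any(p.startswith(token) for p in parts):
            findings.append("weak component: " + token)
    return findings

def probe(host, port=8443, ciphers=None, timeout=5):
    """Handshake with the listener and return (suite, protocol).

    Pass ciphers="DHE" to ask whether the listener still accepts
    finite-field DHE; the handshake is then capped at TLS 1.2 so the
    cipher list decides the outcome. A handshake error means refusal.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Inspection only: the admin port often presents a self-signed
    # certificate, so trust is not evaluated by this probe.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    if ciphers:
        ctx.set_ciphers(ciphers)
        ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.cipher()[0], tls.version()

if __name__ == "__main__":
    # Constructed sample results; replace with probe("gateway.example.test").
    samples = [("DHE-RSA-AES128-SHA", "TLSv1"),
               ("ECDHE-RSA-AES256-GCM-SHA384", "TLSv1.2")]
    for suite, proto in samples:
        print(suite, proto, assess(suite, proto) or "ok")
```

The probe cannot see the size of the DH group the server sends, which is why a negotiated DHE suite is reported as something to confirm rather than as a definite weakness.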