我正在尝试在午睡扫描报告的Apache Traffic Server 4.1版中禁用弱密码TLS_ECDHE_RSA_WITH_RC4_128_SHA
我在SSLCipherSuite中删除了RC4
cat records.config | grep RC4
CONFIG proxy.config.ssl.server.cipher_suite STRING !RC4-SHA:AES128-SHA:DES-CBC3-SHA:AES256-SHA:ALL:!aNULL:!EXP:!LOW:!MD5:!SSLV2:!NULL
!RC禁用了2个其他套件协议TLS_RSA_WITH_RC4_128_MD5和TLS_RSA_WITH_RC4_128_SHA,但TLS_ECDHE_RSA_WITH_RC4_128_SHA仍处于活动状态。由于RC4密码套件很弱,我想禁用它。请建议
答案 0 :(得分:0)
密码TLS_ECDHE_RSA_WITH_RC4_128_SHA
通过以下方式禁用: SSLCipherSuite!EECDH + aRSA + RC4