SSL Cipher Suites

erin_jamroz · October 26, 2018, 10:20pm

Is there any way to have control over what cipher suits are supported/accepted with a stand alone web app running SSL? I see that they accept
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA

Which are known to be insecure. Is there any way to disable them?

Greg_O_Lone · October 27, 2018, 11:32am

There is no way to disable these at the moment. However, rather than exposing the app directly to the internet, you may want to consider putting your app behind a reverse proxy or a load balancer for https.