Quantcast

How to disable 3DES ciphers in openwsman server?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

How to disable 3DES ciphers in openwsman server?

manusingh
Hi,

I am new to openwsman.
How can I disable 3DES ciphers in my openwsman server to fix SWEET32 vulnerability?

Thanks
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: How to disable 3DES ciphers in openwsman server?

Klaus Kaempf
* manusingh <[hidden email]> [Apr 17. 2017 09:02]:
> Hi,
>
> I am new to openwsman.
> How can I disable 3DES ciphers in my openwsman server to fix SWEET32
> vulnerability?

Manusingh,

you should upgrade your openssl package to disble 3DES ciphers.

Alternatively you can build openwsman from source. I've just added
"ssl_cipher_list" as a config option for the [server] section.
If set, it calls openssl's SSL_CTX_set_cipher_list() function[1] with
this value.

Hth,

Klaus

[1] https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_cipher_list.html
--
SUSE Linux GmbH, GF: Felix Imend├Ârffer, Jane Smithard, Graham Norton, HRB 21284 (AG N├╝rnberg)

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openwsman-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/openwsman-devel
Loading...