Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
377
Views
0
Helpful
2
Replies

SGC SSL Cert on 11501 only doing 40 bit encryption

aoshea
Level 1
Level 1

‎04-26-2006 07:39 AM

Dear Support,

Just received the official SSL cert from thawte, but it is only showing as 40 bit encryption not 128.

Can you help?

Thanks,

Adrian.

Labels:
0 Helpful
2 Replies 2

aoshea
Level 1
Level 1

‎04-28-2006 12:28 AM

fixed this myself, didn't have the matching cipher;

was;

ssl-server 20 cipher rsa-export-with-rc4-40-md5 192.168.68.174 8080 weight 5

now;

ssl-server 20 cipher rsa-with-rc4-128-md5 192.168.68.174 8080 weight 5

Should i be using the all-ciphers rather than restricting it just to 128bit?

thanks,

adrian

0 Helpful

t.graham
Level 1
Level 1
In response to aoshea

‎04-29-2006 04:41 PM

'all-ciphers' will allow all encryption mechanisms including ones that essentially allow anonymous access. If the application transmits personal or sensitive information you probably don't want that.

If the web site has "international" customers then you need to specify at least some ciphers that have the word "export" in them. If the customer base you serve is US only, the one you are using is probably OK.

PS - you don't really need a weight unless you are specifying more than one cipher and want to have one preferred over the others. For example, you might prefer a 128 bit cipher but if the client is coming from a foreign country where the 128 is not available then allow an exportable cipher - which is not as strong.

0 Helpful
Customers Also Viewed These Support Documents