Disable DES and 3DES ciphers
lduvnjak opened this issue · comments
We're having a security audit and the EPR has some issues we have to cover.
One of them was disabling support for TLS v1.0
and 1.1
. The other is disabling DES and 3DES ciphers to mitigate a SWEET32 attack.
As far as I can tell, even specifying the TLS supported versions was a relatively new addition.
Is there currently a way in which we can specify the allowed and forbidden ciphers, and if not do you have any plans to add that functionality in the future?
I have a customer who also needs this functionality.