HIGH
SSL Medium Strength Cipher Suites Supported (SWEET32)
Description
The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.
Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
漏洞描述
支持SSL中等强度密码套件(SWEET32),远程主机支持使用提供中等强度加密的SSL密码。Nessus将中等强度视为使用至少64位且小于112位的密钥长度的任何加密,否则使用3DES加密套件。
解决:
重新配置应用程序,以避免使用中等强度的密码。
修改nginx.conf文件
找到ssl_ciphers,修改为以下算法
ssl_ciphers HIGH:!aNULL:!MD5:!DES:!3DES;
修改完成后,重启nginx刷新配置即可。
转自:
https://blog.csdn.net/qq_42534026/article/details/113656868
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
前言今天一个朋友让我帮他做一下tomcat的https配置,中间遇到了标题中这个错误,因此记录了一下过程,服务器、域名、证书、tomcat都已经准备好,就是需要配置一下即可,用的是阿里云的证书服务,也是通过阿里云的证书服务生成的证书文件。配置步骤通过阿里云控制台下载tomcat的https证书文件,证书文件很多,这里是点击tomcat选项下的下载按钮。把证书文件传到linux服务器,如21xxxx
连接Mysql时报javax.net.ssl.SSLHandshakeException No appropriate protocol (protocol is disabled or cipher suites are inappropriate)错误
我使用java连接mysql时候,发现报错javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)。 完整错误信息如下: ...
Github: fatal: Unsupported SSL backend ‘“openssl”‘. Supported SSL backends: openssl schannel
【代码】Github: fatal: Unsupported SSL backend ‘“openssl”‘. Supported SSL backends: openssl schannel。
