Outdated SSL Ciphers

Discussion in 'Computer Security' started by zxspectrum, Feb 15, 2022.

  1. zxspectrum

    zxspectrum Terabyte Poster Forum Leader Gold Member

    2,092
    216
    244
    Hello there

    We recently got issued a security bulletin informing us that our SSL ciphers were going to be updated but the information that was presented to us was very vague and I find myself down a rabbit hole. In our place, we have a Live, staging and test server, the last two have already been updated but the Live server which everyone uses, will be updated on the 28th March.

    So, I am not 100% sure what I am actually looking for here to test but did come across this link https://geekflare.com/ssl-test-certificate/#anchor-ssl-labs and used the top search as a general test. I ran it all on all of our three environments after the staging and test servers had been upgraded, what I found was that the staging and test servers are now graded as B but our live production server is graded A and is due to go to these new ciphers on the 28th of March.

    Regarding the link https://geekflare.com/ssl-test-certificate/#anchor-ssl-labs - is this something that can be used and is deemed reliable at all or would I need to look into something more in-depth?

    Cheers for any info/pointers

    Ed
     
    Certifications: BSc computing and information systems
    WIP: 70-680
  2. dmarsh
    Honorary Member 500 Likes Award

    dmarsh Petabyte Poster

    4,305
    503
    259
    Its called TLS now, otherwise good job ! :thumbleft

    I don't use these tools, normally I check stuff manually (Browser/Curl/Application logss) or by turning SSL debug on by TCPTrace / Packet sniffing, but then I'm a developer and not a SysAdmin.

    They look ok to me. Mostly its a matter of updating systems as far as encryption ciphers go. Normally its browsers and web servers.

    Mostly people screw up cert trust chains and revocation and renewal. I think IT departments typically either set up alerts or buy a PKI management solution.
     
    Last edited: Feb 15, 2022
  3. zxspectrum

    zxspectrum Terabyte Poster Forum Leader Gold Member

    2,092
    216
    244
    Cheers @dmarsh

    Those lines you have posted there has given me something to work with and I can look into this a bit more

    Thanks
    Ed
     
    Certifications: BSc computing and information systems
    WIP: 70-680

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.