Cisco Cisco Email Security Appliance X1050 Guide D’Information
How can I alter what ciphers are used with the
Graphical User Interface (GUI)? Can I disable SSL
v2 for the GUI?
Graphical User Interface (GUI)? Can I disable SSL
v2 for the GUI?
Document ID: 118540
Contributed by Alvaro Gordon−Escobar and Robert Sherwin, Cisco
TAC Engineers.
TAC Engineers.
Oct 10, 2014
Contents
Introduction
How can I alter what ciphers are used with the Graphical User Interface (GUI)? Can I disable SSL v2
for the GUI?
Related Information
How can I alter what ciphers are used with the Graphical User Interface (GUI)? Can I disable SSL v2
for the GUI?
Related Information
Introduction
This document describes how to view and change what ciphers are used in conjunction with the Graphical
User Interface (GUI) on the Cisco Email Security Appliance (ESA).
User Interface (GUI) on the Cisco Email Security Appliance (ESA).
How can I alter what ciphers are used with the Graphical
User Interface (GUI)? Can I disable SSL v2 for the GUI?
User Interface (GUI)? Can I disable SSL v2 for the GUI?
SSL protocols and ciphers advertised for incoming GUI connections can be configured with the sslconfig
command. You can specify which ssl method is used specifically for GUI SSL communication.
command. You can specify which ssl method is used specifically for GUI SSL communication.
Example:
myesa.local> sslconfig
sslconfig settings:
GUI HTTPS method: sslv3tlsv1
GUI HTTPS ciphers: RC4−SHA:RC4−MD5:ALL
Inbound SMTP method: sslv3tlsv1
Inbound SMTP ciphers: RC4−SHA:RC4−MD5:ALL
Outbound SMTP method: sslv3tlsv1
Outbound SMTP ciphers: RC4−SHA:RC4−MD5:ALL
Choose the operation you want to perform:
− GUI − Edit GUI HTTPS ssl settings.
− INBOUND − Edit Inbound SMTP ssl settings.
− OUTBOUND − Edit Outbound SMTP ssl settings.
− VERIFY − Verify and show ssl cipher list.
[]> GUI
Enter the GUI HTTPS ssl method you want to use.
1. SSL v2.
2. SSL v3
3. TLS v1
4. SSL v2 and v3