From 742469b2adf86c36e573b7c6852123ef5fe49953 Mon Sep 17 00:00:00 2001 From: stellastrareviews Date: Tue, 25 Jun 2024 14:10:25 +0100 Subject: [PATCH] Update tls-ssl-configuration-for-specific-ciphers.adoc - Strong and Weak Ciphers --- .../ROOT/pages/tls-ssl-configuration-for-specific-ciphers.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/articles/modules/ROOT/pages/tls-ssl-configuration-for-specific-ciphers.adoc b/articles/modules/ROOT/pages/tls-ssl-configuration-for-specific-ciphers.adoc index c273415b..032a836f 100644 --- a/articles/modules/ROOT/pages/tls-ssl-configuration-for-specific-ciphers.adoc +++ b/articles/modules/ROOT/pages/tls-ssl-configuration-for-specific-ciphers.adoc @@ -5,7 +5,7 @@ :tags: ssl, tls, cipher, security, unix, operations :category: security -Per documentation: `dbms.ssl.policy..ciphers` is by default set to the Java platform default allowed cipher suites, which can also be explicitly set to any specific ciphers (separated by ",") to further restrict list of allowed ciphers, thus enabling us to enforce a particular single strong cipher (if needed) and remove any doubt about which cipher gets negotiated and chosen. +Per documentation: `dbms.ssl.policy..ciphers` is by default set to the Java platform default allowed cipher suites, which can also be explicitly set to any specific ciphers (separated by ",") to further restrict list of allowed ciphers, thus enabling us to enforce a particular single [strong cipher](https://stellastra.com/cipher-suite) (if needed) and remove any doubt about which cipher gets negotiated and chosen. Also, alternatively and/or additionally, we can also disable ciphers by using the instructions referenced here: https://lightbend.github.io/ssl-config/CipherSuites.html where as an example, you would add the following into neo4j.conf: