AnsweredAssumed Answered

SSL server test needs to show when preferred cipher order is not optimal

Question asked by Joseph Freuler on Dec 4, 2015
Latest reply on Dec 8, 2015 by Rob Moss

I have noticed that a few too many web servers do not select the highest grade ciphers even if they are supported.

In many cases this is due to the server's preferred cipher order being reversed - low to high grade instead of high to low grade.

There are a few server admin's that don't want to touch the preferred cipher order unless forced to - mostly because they their pages contain links to mixed https content

on different servers.

 

It would be nice if the SSL Server Test highlighted the weak server cipher ordering as a problem.

Outcomes