AnsweredAssumed Answered

Cipher Suite Handshake Simulation Question

Question asked by hkincannon on Sep 1, 2016
Latest reply on Sep 2, 2016 by Ivan Ristić

Hello all,

 

I have a question regarding the Handshake Simulation portion of a Qualys SSL Labs scan.  My situation is this.  I have a load balancer that I want to disable a certain type of cipher suites on.  To make a long story short, this certain type of cipher suite is causing issues for one of my applications.  When I run a scan on the server, I get a nice readout of handshakes from a variety of technologies.  I'm interested in knowing how accurate/exhaustive that is.  As a test, I would like to remove the cipher suites on my load balancer and run another scan through it.  What I would hope to see is that the devices in the handshake simulation section have started to use other cipher suites.  If I look at the new report and see that all of the technologies are still communicating albeit with different cipher suites, can I reasonably assume that I'm not going to cut off any technology from communicating from my server?

 

I hope I'm making sense and thanks in advance!

Outcomes