AnsweredAssumed Answered

Authenticated encryption cipher suites.

Question asked by Scott Giesbrecht on Feb 26, 2018
Latest reply on Apr 13, 2018 by Christopher Olson

Hello All,

 

I am a little confused and I hope someone can point me in the right direction. I have a server that get the following warning when I scan it with www.ssllabs.com:

This server does not support Authenticated encryption (AEAD) cipher suites. Grade will be capped to B from March 2018

 

I have other servers that do not get this message, so I looked to see what the difference is and found that the following cipher is the difference:

 

TLS_RSA_WITH_AES_256_GCM_SHA384

 

I was under the impression that the RSA ciphers were the culprit for the ROBOT vulnerability and that we should be looking to remove them. So I guess my questions is why does sslabs.com remove the above warning when I add the above cipher?

 

Thanks,

Scott

Outcomes