
Weak Ciphers. Disabled but detected?

Question asked by Jay B on Feb 22, 2018
Latest reply on Feb 23, 2018 by Jay B

Server 2012r2

IIS8

pfSense Firewall (latest firmware)

 

Our site has an A+ rating but has shown weak ciphers.

(capture.jpg)

 

As far as I could tell, I had them all disabled via IIS Crypto (capture2.jpg), so I ignored them; however, this morning our latest PCI scan failed due to 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'.

 

As noted, this shows in IIS Crypto as not enabled and yet it's being detected.

 

I don't really understand how that's possible.

 

Could there be an issue with ciphers on the firewall? I'm going to open a ticket with pfSense to inquire, but thought I'd ask here as well.
