Home » Kerio User Forums » Kerio Operator » PCI Scan failures - weak ciphers and ssl2

Messages: 1
Karma: 0
Send a private message to this user

We have Operator behind a Kerio Control box (with VOIP ports forwarded). We are getting PCI scan failures for the following:

SSL Version 2 (v2) Protocol Detection
SSL Medium Strength Cipher Suites Supported
SSL Weak Strength Cipher Suites Supported

Can anyone help provide instructions to disable these? (On a webserver it would just be apache ssl config).

Filip Jenicek (Kerio)

Messages: 968
Karma: 80
Send a private message to this user

thank you for pointing this out. I have found out that Asterisk over SSL does indeed offers Weak Ciphers. We will disable these. However, we cannot remove Medium ciphers as they are used by snom phones.

Please correct me if I'm wrong, but I believe that webserver ports 4021 and 443 are fine.

Thank you,
Previous Topic: Gradwell.net SIP trunks
Next Topic: PRI / handoff
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Nov 21 10:29:21 CET 2018

Total time taken to generate the page: 0.86329 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.