Disable RC4 ciphers when not using nginx reverse proxy

General discussion about Zimbra Desktop.
Post Reply
Verta
Posts: 5
Joined: Sun Nov 16, 2014 2:50 am

Disable RC4 ciphers when not using nginx reverse proxy

Post by Verta »

Hi all,
Yesterday I upgraded to Zimbra OS edition 8.6.0 (from 8.5.1) and part of the upgrade instructions detailed how to disable weak ciphers and SSLv3. The upgrade process disabled SSLv3 for me, however I can't find out how to disable RC4 as I don't use zimbra-proxy.
I've added all RC4 ciphers to the excluded list using "zmprov mcf" however when running SSL Labs I still have the following two ciphers showing up as available:
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
I'm assuming that the excluded ciphers list I updated with zmprov was only for if I have zimbra-proxy installed as I've restarted the appropriate services and even rebooted since making the changes.

Can anyone shed some light on how I may disable RC4 please?

Many thanks,

Verta
User avatar
ccelis5215
Outstanding Member
Outstanding Member
Posts: 632
Joined: Sat Sep 13, 2014 2:04 am
Location: Caracas - Venezuela
ZCS/ZD Version: 8.8.15.GA.3869.UBUNTU18.64 P12

Disable RC4 ciphers when not using nginx reverse proxy

Post by ccelis5215 »

Verta
Posts: 5
Joined: Sun Nov 16, 2014 2:50 am

Disable RC4 ciphers when not using nginx reverse proxy

Post by Verta »

Many thanks for the response ccelis5215, my forum searching skills are obviously not up to scratch! The post by quanah in the link did indeed fix my issue. The next time I perform some server maintenance I may enable proxy/memcached as that appears to be the recommended config now.



Verta.
Post Reply