<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Insecure ciphers being flagged in security audit in ESXi Discussions</title>
    <link>https://communities.vmware.com/t5/ESXi-Discussions/Insecure-ciphers-being-flagged-in-security-audit/m-p/454030#M37535</link>
    <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;I am running ESXi version 6. I have run the tlsreconfigurator and turned off TLS 1.0 and 1.1. I also turned off TLS 1.0 and 1.1 on port 5989. The hosts are still being flagged for this:&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;UL&gt;&lt;LI&gt;&lt;SPAN&gt;Negotiated with the following insecure cipher suites: &lt;/SPAN&gt;&lt;UL&gt;&lt;LI&gt;TLS 1.2 ciphers: &lt;UL&gt;&lt;LI&gt;TLS_RSA_WITH_AES_128_CBC_SHA&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_128_CBC_SHA256&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_128_GCM_SHA256&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_256_CBC_SHA&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_256_CBC_SHA256&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_256_GCM_SHA384&lt;/LI&gt;&lt;/UL&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;on ports 443 and 5989&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;How do I turn these off? This and the self signed certs are all I have left to fix.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Thank you for any help anyone can provide.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Matt&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
    <pubDate>Tue, 31 Oct 2017 14:04:22 GMT</pubDate>
    <dc:creator>mdonovan</dc:creator>
    <dc:date>2017-10-31T14:04:22Z</dc:date>
    <item>
      <title>Insecure ciphers being flagged in security audit</title>
      <link>https://communities.vmware.com/t5/ESXi-Discussions/Insecure-ciphers-being-flagged-in-security-audit/m-p/454030#M37535</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;I am running ESXi version 6. I have run the tlsreconfigurator and turned off TLS 1.0 and 1.1. I also turned off TLS 1.0 and 1.1 on port 5989. The hosts are still being flagged for this:&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;UL&gt;&lt;LI&gt;&lt;SPAN&gt;Negotiated with the following insecure cipher suites: &lt;/SPAN&gt;&lt;UL&gt;&lt;LI&gt;TLS 1.2 ciphers: &lt;UL&gt;&lt;LI&gt;TLS_RSA_WITH_AES_128_CBC_SHA&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_128_CBC_SHA256&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_128_GCM_SHA256&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_256_CBC_SHA&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_256_CBC_SHA256&lt;/LI&gt;&lt;LI&gt;TLS_RSA_WITH_AES_256_GCM_SHA384&lt;/LI&gt;&lt;/UL&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;on ports 443 and 5989&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;How do I turn these off? This and the self signed certs are all I have left to fix.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Thank you for any help anyone can provide.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Matt&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Tue, 31 Oct 2017 14:04:22 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/ESXi-Discussions/Insecure-ciphers-being-flagged-in-security-audit/m-p/454030#M37535</guid>
      <dc:creator>mdonovan</dc:creator>
      <dc:date>2017-10-31T14:04:22Z</dc:date>
    </item>
  </channel>
</rss>

