openssl – Nginx with only TLS1.3 cipher suites

I am trying to configure Nginx to use only TLS1.3 with 2 ciphers: TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256.

So, I tried this configuration:

ssl_protocols TLSv1.3;
ssl_ciphers TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256;

But nginx -s reload errors out with

nginx: (emerg) SSL_CTX_set_cipher_list("TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256") failed (SSL: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)", "operationName": "Default", "category": "Default"}

Looks like I need to append at least one non-TLS1.3 cipher to make the config work. I tried various such combinations and they worked. One of them is:


Why is it so? I think it’s happening because OpenSSL itself doesn’t accept the original ciphersuite string. I am using OpenSSL-1.1.1g.

root@2ed6cae6e062:/azure/appgw# openssl ciphers -v TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256
Error in cipher list
140686067873536:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2558:

There are some useful links I came across but couldn’t figure out how to achieve what I want – using only TLS1.3 ciphersuites.,284909,284914#msg-284914

tls – Do Cipher Suites matter under attack using sslsqueeze tool?

I find that sslsqueeze tool can carry attack on SSL/TLS server and does not need to perform any cryptographic operations. I think that no matter which cipher suite used in handshakes, the tool consumes the same CPU power.

Then do cipher suites used in handshakes a factor to make the server more susceptible to the attack using sslsqueeze tool?

If cipher suites really matter, does it mean that attacker can specify certain cipher suite for handshake to make the attack more likely to succeed?

What is the purpose of coupling TLS cipher suites? Why are they matched as they are?

Why are there predefined sets of cipher suites. Why is it not recommended to create your own cipher suites.

How do I know which encryption suites can be disabled?

The required encryption suites depend entirely on the clients that are expected to use the service. Qualys SSL Labs' SSL Server Test is designed to test publicly available web servers, so we can assume that it is a web application. All current versions of leading browsers are capable of handling TLS 1.2+ with the recommended crypto suites in RFC 7525, 4.2, making it a good starting point for highly secure configuration:


Then, from the SSL Labs report, the Handshake Simulation section is a handy tool for detecting common clients that you can not use only with these crypto suites:

Handshake simulation

If you for example To be able to serve old Apple devices with Safari, the best suite of encryption available for them is:

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp256r1 (RSA 3072 bits) LOW FS


From the list that leaves … that uses a Windows 8.1 phone anyway. 😉

Similarly, if you need additional browsers or supported devices, you can use the browser test to determine an appropriate encryption sequence. Also note that variants using (Chaining encryption blocks) The CBC mode is not weak in itself, but SSL Labs considers them weak because of the many vulnerable implementations.

tls – Why is SSL Labs now considering weak CBC suites?

Does anyone know why SSL labs now mark CBC 256 suites as weak, although the GCM and ChaCha20 equivalents are considered strong? Until a few months ago, it was not marked in the reports (nor explicitly as weak or strong) and it is still not marked in their client lists.

The suites in question are:


SHA1 are needed to support 5 and 6 with a score of 4×100%. He always gets a score of 4×100%, but the mark as weak, which, from the point of view of OCD, does not seem "unprofessional".

linux – How to fix: SSL / TLS: Report weak encryption suites for the Ubuntu server

I performed a vulnerability analysis and I got these results for ports 993, 995 and 5432. I use Dovecot for POP3S and IMAPS and Postgres for port 5432. The analysis vulnerabilities have allowed me to achieve these results:

This routine lists all the weak SSL / TLS encryption suites that are accepted by a service.
NOTE: No severity for SMTP services with "opportunistic TLS" and weak encryption suites on port 25 / TCP is reported. If too robust cipher suites are configured for this service, the alternative would be to fall back on an even more unclear plaintexting.

Result of vulnerability detection:

The "weak" encryption suites accepted by this service via the TLSv1.0 protocol:

The "weak" encryption suites accepted by this service via the TLSv1.1 protocol:

The "weak" encryption suites accepted by this service via the TLSv1.2 protocol:

Solution –
Type of solution
: Mitigation
The configuration of these services must be modified so that it no longer accepts the weak cipher suites listed.
Please refer to the references for more resources helping you with this task.

Vulnerability Insight
These rules are applied for the evaluation of cryptographic strength:

  • RC4 is considered low (CVE-2013-2566, CVE-2015-2808).
  • Encrypts using 64 bits or less are considered vulnerable to brute force methods and therefore considered weak (CVE-2015-4000).
  • The 1024-bit RSA authentication is considered insecure and therefore weak.
  • Any figure considered safe for the next 10 years only is considered average.
  • Any other number is considered strong

I am new to this stuff and I have tried to find a way to fix this vulnerability. I am sure that there is a configuration file that I am supposed to change, but I do not know what to do. I want to know how to disable weak cipher suites for each of these ports. Can someone help me?

tls – Why do cipher suites with message-authenticated encryption modes also specify a hash algorithm

While AES-GCM and ChaCha20-Poly1305 use AEAD encryption modes and therefore do not require MAC code for the encrypted data, there are still parts of the TLS protocol that require a hash function.

The first concerns the validation of the negotiation. When the Completed message is sent, it contains a hash of all previously held negotiation messages, which allows TLS to validate that the negotiation messages sent before the key exchange were not falsified. The hash function used here is the one specified in the cipher suite. You can read more about this in RFC 8446 Section 4.4.4.

The second is for key derivation. Although the main key of the session is exchanged or approved via ECDHE or a similar mechanism, this master key is not directly used for encryption or verification of authenticity. Instead, an HMAC-based PRF is used to derive keys for various purposes (for example, encryption), and the underlying hash of that HMAC is specified in the cipher suite. You can learn more about this in RFC8446 Appendix E.1.1 and in more detail in RFC 5246 Section 5.

Encryption Suites for SQL 2005

I'm currently using TLS 1.2 for secure authentication, but few servers running SQL 2005 are facing a problem. I've learned that TLS 1.2 only applies to SQL 2008 and later versions. I want to know which protocol (TLS 1.1 or 1.0) and which ciphers will be used for SQL 2005?


redhat – Medium power SSL encryption suites supported by hyperkube

I have the SSL Medium Strength Cipher Suites vulnerability supported on port 10250. Hyperkube is running there:

root 13127 1 22 2018? 3-00: 40: 16 / opt / kubernetes / kubelet hyperkube --feature-gates Accelerators = true, PersistentLocalVolumes = true, ExperimentalCriticalPodAnnotation = true --allow-privileged = true --docker-disable-shared-shared-pid - require- kubeconfig --kubeconfig = / var / lib / kubelet / kubelet-config --read-only-port = 0 - client-ca-file = / var / lib / kubelet / ca.crt --authentication-token-webhook - -anonymous-auth = false --network-plugin = cni - manifest-manifest-path = / etc / cfc / pods - hostname-override = xx.xx.xx.xx --node-ip = xx.xx. xx.xx --cluster-dns = xx.xx.xx.xx --cluster-domain = cluster.local --pod-infra-container-image = xxxxx / pause: 3.0 --cgroup-driver = cgroupfs --fail -swap-on = false

I know that I need to add –tls-cipher-suites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 in one of the hyperkube files, but I do not know which one. There is no kube-apiserver on the server, so I added it in the / var / lib / kubelet / kube-proxy-config and kubelet-config directory:

apiVersion: v1
kind: config
- cluster:
insecure-skip-tls-verify: true
--tls-cipher-suites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
server: https: //x.x.x.x: 8001
name: cfc-cluster
- the context:
cluster: cfc-cluster
user: kube-proxy
- name: kube-proxy
client-certificate: /var/lib/kubelet/kube-proxy.crt
client key: /var/lib/kubelet/kube-proxy.key

The vulnerability continues to appear and I was unable to restart the service with any of the following commands.

/etc/init.d/kubelet restart
systemctl restart kubectl

How can I reload the hyperbube for the changes to take effect?

Thanks in advance

Midtown Suites Condo Singapore

Midtown Suites is a contemporary mixed complex built by GuocoLand, consisting of shops and residential units along Beach Road in District 7 of Singapore. This iconic resort will be located in the city and will allow you to easily reach any other part of the island. .
Register your interest now to see the showflat, get the latest information such as launch date, e-brochure, floor plan and invitation to priority VVIP preview.
For more launches of new properties, please visit Singapore Property
Small image