Cipher suite changes are not being applied to site TLS
🔐SSL/TLS
I've got a domain being proxied via Cloudflare. On 10/8, I modified our cipher suite to use the "compatible" suite rather than the "legacy" one. This was to specifically stop using the CBC ciphers. Per documentation, I ensured that the minimum TLS version was set to 1.2 and that TLS 1.3 is enabled. I applied the new cipher suite but, even after a 28 hour wait, I still see the old cipher suite being used.
nmap -p 443 --script ssl-enum-ciphers mydomain.com
^ when running this nmap command, I expect the CBC ciphers to no longer be present, but they are.
Am I missing some configuration outside of the Edge Certificates config?
nmap -p 443 --script ssl-enum-ciphers mydomain.com
^ when running this nmap command, I expect the CBC ciphers to no longer be present, but they are.
Am I missing some configuration outside of the Edge Certificates config?
Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news
87,353Members
Resources
Similar Threads
Was this page helpful?
