Need TLS_Cipher suites configuration file for vault

jayasri.ravichandran · March 8, 2023, 2:09pm

Hi,

We have got Vulnerability "SSL medium strength Cipher suites Supported (SWEET32) " for our Linux Machines.

Which config file we need to update the TLS cipher suites for Vault?
Will hardening the systems by updating/disabling the TLS lower version Cipher suites will cause any issues to vault ?

Can anyone clarify this? How to mitigate this vulnerability in vault.

Thanks,
Jayasri Ravichandran

maxb · March 10, 2023, 10:16pm

jayasri.ravichandran · March 21, 2023, 11:15am

Hi Max,

Thanks for the Response.

I have gone through the Link which you have provided, But TCPListeners parameter is in the vault’s hcl configuration file?

Is it really possible that if update the Cipher suites or MIn and Max TLS version parameters will that work?

Thanks & Regards,
Jayasri Ravichandran

Topic		Replies	Views
SSL Medium Strength Cipher Suites Supported (SWEET32) Vault	2	828	April 5, 2023
AS per vulnerabilities scanning report ..SSL Medium Strength Cipher Suites Supported (SWEET32) on port 8200 hashicorp Vault Vault	0	29	July 15, 2024
Vault agent listener tls_cipher_suites Vault	0	24	July 12, 2024
SSL Medium Strength Cipher Suites Supported (SWEET32) - 3DES Vault	1	748	September 6, 2023
The recommend for tls_cipher_suites from vault tsl certificate config Vault	1	466	September 20, 2021