Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
jpg
ssl_prefs1.jpg 553.1 kB 1 05-Jul-2022 15:00 Ada Csaba

This page (revision-16) was last changed on 05-Jul-2022 15:36 by Ada Csaba

This page was created on 05-Jul-2022 14:39 by Ada Csaba

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 changed one line
On this page can issue an SSL cert and tweak SSL ciphers
On this page can issue an SSL cert and tweak SSL ciphers.
\\
[{Image src='ssl_prefs1.jpg' width='1360' height='..' align='left' style='..' class='..' }]\\
\\
In the upper half of the page can issue a new cert by doing all 3 __Steps__ or apply an existing keystore, as per our [SSL Cert|SSLCerts] wiki.\\
\\
The __Advanced__ section allows changing supported SSL cipher groups or tweak individual ciphers.\\
\\
__TLS versions__ field defines the supported cipher groups for all SSL __server__ ports: HTTPS, WEBDAVS, FTPS, FTPES.\\
\\
__TLS versions client__ field defines the supported cipher groups for all __client__ mode: CrushTask task items, remote user VFS of HTTPS, WEBDAVS, FTPS, FTPES type, the AS2 protocol, SMTP relay connector.\\
\\
CrushFTP v10 supports SSLv2Hello,TLSv1,TLSv1.1,TLSv1.2,TLSv1.3, while TLSv1.3 ciphers require Java 17+.\\
\\
__REMINDER:__ TLS session resumption for Implicit FTPS is only supported by TLSv1.3, when using this protocol either in client or server mode, need to tweak the cipher groups accordingly.\\
\\
__Require valid client certificate__ , usually never needs to be turned on, enforces client [client cert|client certificate] authentication for all SSL ports. Rather recommanded to use the appropriate settings on specific server listener items instead.\\
\\
The __All insecure ciphers__ link will move all non-A rated ciphers into the __Disabled ciphers__ list, we update the strength policy by CrushFTP updates as new ciphers come in existence or vulnerabilities are discovered in existing ones.\\
Version Date Modified Size Author Changes ... Change note
16 05-Jul-2022 15:36 1.566 kB Ada Csaba to previous
15 05-Jul-2022 15:35 1.469 kB Ada Csaba to previous | to last
14 05-Jul-2022 15:34 1.457 kB Ada Csaba to previous | to last
13 05-Jul-2022 15:34 1.461 kB Ada Csaba to previous | to last
12 05-Jul-2022 15:34 1.457 kB Ada Csaba to previous | to last
11 05-Jul-2022 15:16 0.904 kB Ada Csaba to previous | to last
10 05-Jul-2022 15:14 0.738 kB Ada Csaba to previous | to last
9 05-Jul-2022 15:07 0.301 kB Ada Csaba to previous | to last
8 05-Jul-2022 15:06 0.309 kB Ada Csaba to previous | to last
7 05-Jul-2022 15:06 0.305 kB Ada Csaba to previous | to last
6 05-Jul-2022 15:02 0.156 kB Ada Csaba to previous | to last
5 05-Jul-2022 15:02 0.156 kB Ada Csaba to previous | to last
4 05-Jul-2022 15:01 0.156 kB Ada Csaba to previous | to last
3 05-Jul-2022 15:01 0.156 kB Ada Csaba to previous | to last
2 05-Jul-2022 15:01 0.154 kB Ada Csaba to previous | to last
1 05-Jul-2022 14:39 0.059 kB Ada Csaba to last
« This page (revision-16) was last changed on 05-Jul-2022 15:36 by Ada Csaba
G’day (anonymous guest)
CrushFTP10 | What's New
JSPWiki