Default encryption cipher for the CSA

Version 3

    Verified Product Versions

    LANDESK Management Suite 9.6LANDESK Management Suite 2016.x

    Issue:

    Users have the ability to change the encryption ciphers in the Cloud Service Appliance > Gateway Service Configuration > Encryption Ciphers. Sometimes this can break communication from the core to the CSA. This is usually manifest by the "Cannot connect to the CSA" error when trying to apply CSA settings from the core. (Configure > Manage Cloud Services Appliances > Select the CSA > Edit > Apply)

     

     

    Solution:

    Replace the Encryption Ciphers line with the default preconfigured CSA setting:

     

    EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!ADH:!IDEA