Have an account?
Need an account?
This document describes how to view and change what ciphers are used in conjunction with the Graphical User Interface (GUI) on the Cisco Email Security Appliance (ESA).
SSL protocols and ciphers advertised for incoming GUI connections can be configured with the sslconfig command. You can specify which ssl method is used specifically for GUI SSL communication.
myesa.local> sslconfigsslconfig settings: GUI HTTPS method: sslv3tlsv1 GUI HTTPS ciphers: RC4-SHA:RC4-MD5:ALL Inbound SMTP method: sslv3tlsv1 Inbound SMTP ciphers: RC4-SHA:RC4-MD5:ALL Outbound SMTP method: sslv3tlsv1 Outbound SMTP ciphers: RC4-SHA:RC4-MD5:ALLChoose the operation you want to perform:- GUI - Edit GUI HTTPS ssl settings.- INBOUND - Edit Inbound SMTP ssl settings.- OUTBOUND - Edit Outbound SMTP ssl settings.- VERIFY - Verify and show ssl cipher list.> GUIEnter the GUI HTTPS ssl method you want to use.1. SSL v2.2. SSL v3 3. TLS v1 4. SSL v2 and v35. SSL v3 and TLS v16. SSL v2, v3 and TLS v1> 2Enter the GUI HTTPS ssl cipher you want to use.[RC4-SHA:RC4-MD5:ALL]>
Return to the main CLI and commit all changes.