Search Appliance

 

Thunderstone Search Appliance Manual

Honor Cipher Order

Whether to honor the cipher ordering specified in HTTPS/SSL Ciphers when clients connect to the Search Appliance. When set to Y, this allows weaker ciphers to be included in HTTPS/SSL Ciphers for back-compatibility with older clients, while still forcing newer clients to use stronger (earlier-specified) supported ones. Y may mitigate the BEAST SSL vulnerability.

If set to N, the client is instead allowed to negotiate a cipher that is potentially weaker than others it supports; this may be needed for some older clients.

Note that this setting may not be available on some older Appliances (Gen1; ca. pre-2009).


Copyright © Thunderstone Software     Last updated: Dec 5 2019