Skip to main content
Ask Question
Security
Asked a question 6 years ago

How do I change the cipher list CMDaemon negotiates with clients?

Where am I?

In Bright Computing, Inc. you can ask and answer questions and share your experience with others!

Can I change the cipher list that CMDaemon will negotiate with clients?

Ā 

Yes, this is possible in Bright 6.x with a CMDaemon revision >=17802.

To set the cipher list, the following AdvancedConfig option should be placed in /cm/local/apps/cmd/etc/cmd.conf:

AdvancedConfig = { "CipherList=HIGH" }

Note that if an AdvancedConfig section already exists in the cmd.conf, the CipherList option should be merged into the existing AdvancedConfig section (using commas as separation characters).

For more information about what ciphers are included in a given cipher list, use for example the following command:

openssl ciphers -v HIGH:SHA