AWS_ELB_72
Using insecure ciphers for your ELB Predefined or Custom Security Policy, could make the SSL connection between the client and the load balancer vulnerable to exploits. TLS 1.0 was recommended to be disabled by PCI Council after June 30, 2016
Login to the AWS Management Console.
– Navigate to EC2 dashboard
– In the navigation panel, under Load balancing, click Load Balancers.
– Select your Elastic Load Balancer.
– Select the Listeners tab from the bottom panel. In the Cipher column of the HTTPS listener, click Change:
Scan the SSL Ciphers section for any insecure / deprecated cipher definitions.
The following list defines all the insecure ciphers that require to be removed: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-security-policy-table.html
Want to Know More?
Learn how our partners are managing their cloud security and compliance with Cloudlytics.
I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.