Issue in cipher suite

Hi, we are using wildcard certificate successfully on our different servers. We have deployed wildcard certificate on our web-server (Ubuntu with apache) and using the same wildcard certificate on other server as well successfully but the problem arise when we compare the information of both certificates we get a message that the webserver is using modern cipher suite with following message

The connection is encrypted and authenticated using AES_128_GCM and uses ECDHE_RSA as the key exchange mechanism.

where as the other server where we deployed the same wildcard certificate (by copying and changing its type from pem format to crt) we are getting the information of using obselete cipher suite with following message

The connection is encrypted using AES_128_CBC, with HMAC-SHA1 for message authentication and ECDHE_RSA as the key exchange mechanism.

Please help me in rectifying this issue.

Hi @AKarimKazi

this isn't a certificate problem. This is only a cipher suite configuration problem of your server.

So search "apache cipher suite".

Sample:

https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html

Also https://mozilla.github.io/server-side-tls/ssl-config-generator/

Thanks @JuergenAuer and @schoen for your replies but we have the above mentioned issue in our mail server (zimbra) where we have exported our wildcard certificate to. And its important to notice that zimbra is not linked with apache.

In that case, it looks like you might want to look at

https://wiki.zimbra.com/wiki/Cipher_suites

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.