0 Replies Latest reply: Mar 26, 2014 7:20 AM by sonnv RSS

    Configure SSLCipherSuite to inspect https traffic

    sonnv

      Hi everyone,

      I deploy McAfee NIPS (v8.0.5) to decrypt & prevent attacks for web server (apache). After configuring web server (httpd, mod_ssl,, generate certificate, virtual host), i import certificate to McAfee NIPS sensor for decrypting. When client connect to web server through https/ssl, i see alert on McAfee NIPS:

      01.IPS_Alert.jpg

      I know that, McAfee NIPS doesn't support DH key exchange so we have to configure web server (apache) using RSA key exchange.

      As McAfee guideline, McAfee support below SSLciphersuite:

      Ciphersuite.jpg

      If i want to use SSL/TLS_RSA_WITH_RC4_128_SHA ciphersuite, how do i configure the SSLCiphersuite in ssl.conf file of Web server (apache) ?

      Does anyone have experience in this case ?