sslv3

PingIdentity: Disabling SSLv3 and weak ciphers for PingFederate


Categories: Linux

The PingFederate server provides best-in-class Identity Management and SSO.  However, due to US laws governing export of cryptography, the default SSL protocols and cipher suites need to be configured to harden the solution. Below are the steps involved with making these post-installation changes.

OpenSSL: Using OpenSSL to enumerate protocols and ciphers in use by web applications


Categories: Linux

Update Feb 2023: enumerating the secure protocols and ciphers of a remote site can be done more efficiently by nmap, as described in my other article here. While enabling HTTPS is a important step in securing your web application, it is critical that you take steps to disable legacy protocols and low strength ciphers that OpenSSL: Using OpenSSL to enumerate protocols and ciphers in use by web applications