Hi Team,
Our client is using Version : PostgreSQL 9.6.17 , they have done vulnerability assessment and found that :
Our client is using Version : PostgreSQL 9.6.17 , they have done vulnerability assessment and found that :
- TLS version 1.0 Protocol detection
- The remote service encrypt traffic with older version of TLS
We suggested the below changes in PostgresSQL.conf
ssl_ciphers = 'HIGH:!aNULL' OR ssl_ciphers = 'HIGH:TLSv1.2:!aNULL'
ssl_ciphers = 'HIGH:!aNULL' OR ssl_ciphers = 'HIGH:TLSv1.2:!aNULL'
ssl_prefer_server_ciphers = on
ssl_ecdh_curve = 'prime256v1'
ssl_ecdh_curve = 'prime256v1'
But the scan report is still the same. Can you please guide with the configuration in the present Postgres version to remediate it.
Thanks
Thanks
