Question
· Jan 3, 2023

How to disable outdated TLS version (1.0 and 1.1)

I've disabled TLS v1.0 and 1.1 within the HealthShare settings, but I'm still seeing these error messages when running a security scan. We do have Apache being used. What else can I try?

Error messages:

The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite. Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.
The remote service accepts connections encrypted using TLS 1.1. TLS 1.1 lacks support for current and recommended cipher suites. Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM cannot be used with TLS 1.1 As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major web browsers and major vendors.
Product version: IRIS 2021.2
$ZV: HealthShare Unified Care Record 2021.2.1 Build: 1000 [HealthShare Modules: Health Insight:22.0 + Core:22.0] - IRIS for UNIX (Red Hat Enterprise Linux for x86-64) 2021.1.2 (Build 336_0_21548U)
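Both scan findings concern what the TLS listener negotiates. Since the post says Apache is in use, the sketch below is an added example (not part of the original post and not InterSystems code) that audits mod_ssl's `SSLProtocol` and `SSLCipherSuite` directives for the two conditions Nessus reports. It assumes Apache terminates the scanned port; the set that `all` expands to and the 3DES keyword check are simplifying assumptions, and the sample config is constructed.

```python
import re

# Assumption: protocols "all" may expand to; the real set depends on the OpenSSL build.
ALL = {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}
WEAK = {"SSLv3", "TLSv1", "TLSv1.1"}
# Heuristic: cipher-string keywords that can pull in 3DES unless "!3DES" removes it.
GROUPS = {"ALL", "DEFAULT", "HIGH", "MEDIUM"}
CANON = {**{p.lower(): {p} for p in ALL}, "all": ALL}

def enabled_protocols(args):
    """Apply SSLProtocol tokens left to right: +X adds, -X removes, a bare X replaces."""
    enabled = set()
    for tok in args:
        sign = tok[0] if tok[0] in "+-" else ""
        chosen = CANON.get(tok[len(sign):].lower(), set())
        if sign == "-":
            enabled -= chosen
        elif sign == "+":
            enabled |= chosen
        else:
            enabled = set(chosen)
    return enabled

def allows_3des(cipher_string):
    toks = [t.upper() for t in re.split(r"[:, ]+", cipher_string.strip("\"'")) if t]
    positive = [t.lstrip("+") for t in toks if t[0] not in "!-"]
    return "!3DES" not in toks and any(t in GROUPS or "3DES" in t or "DES-CBC3" in t for t in positive)

def audit(conf):
    """Return (line_number, message) findings; line 0 means the directive is absent."""
    findings, saw_protocol = [], False
    for no, raw in enumerate(conf.splitlines(), 1):
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        name = parts[0].lower()
        if name == "sslprotocol":
            saw_protocol = True
            weak = sorted(enabled_protocols(parts[1:]) & WEAK)
            if weak:
                findings.append((no, "SSLProtocol enables " + ", ".join(weak)))
        elif name == "sslciphersuite" and allows_3des(parts[-1]):
            findings.append((no, "SSLCipherSuite does not exclude 3DES"))
    if not saw_protocol:
        findings.append((0, "no SSLProtocol directive; mod_ssl default applies"))
    return findings

# Constructed sample, not taken from the poster's server.
SAMPLE = "SSLEngine on\nSSLProtocol all -SSLv3\nSSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5\n"
print(audit(SAMPLE))
```

A configuration such as `SSLProtocol -all +TLSv1.2 +TLSv1.3` with `!3DES` in the cipher string produces no findings; each virtual host's directives need checking, since they can override the global ones.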