cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

how to correct DH cipher

ngupta13
Participant
 
3 REPLIES 3

BabarQayyum
Leader

Hello @Natasha G.

Below are the unsupported versions.

  • DSA
  • Diffie-Hellman
  • Fortezza

Have a look on the below link for more insight.

https://www.dynatrace.com/support/doc/nam/ssl-moni...

Regards,

Babar


przemyslaw_tafe
Dynatrace Pro
Dynatrace Pro

Natasha, what do you mean by correct DH cipher?

Here is a great

SSL Monitoring and Decryption FAQ

covering topics around Diffie-Hellman encryption if you were seeking a way to make AMD decipher SSL traffic encrypted by DH-based cipher suites - that's not possible to achieve with SSLD decode in AMD, but there are some alternative solutions discussed - those require additional 3rd party hardware though.


travis_booth
Helper

We worked with our security team to create a Standardized Cipher Suite that applications that require DCRUM can use that puts DH Ciphers at the bottom of the priority list. This will work until TLS 1.3 and full perfect forward security is pushed out.