0 Replies Latest reply on Sep 18, 2015 11:00 AM by isvsecwatch

    SSL configuration issues with FileMaker Community website

    isvsecwatch

      The FileMaker Community website has several issues with its SSL configuration:

      1. Bad cipher ordering, preferring static, older ciphers over the preferred ephemeral ECDHE ciphers. This means that most clients will not select the latter, and that the site will not provide Forward Secrecy even though technically capable of doing so.
      2. The RC4 cipher is still active, even though it is widely considered weak and is being actively deprecated across the industry. In a few weeks, the SSL Server Test will give any site with RC4 an 'F', the lowest possible rating.

       

      For further details, see the SSL Server Test results:

      https://www.ssllabs.com/ssltest/analyze.html?d=community.filemaker.com

       

      Please review your Apache configuration, and make the appropriate changes.
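
Added example, not part of the original post: a small audit of a server's cipher preference order for the two issues reported above (static suites ranked ahead of ephemeral ones, and RC4 still enabled). The function names and both sample orders are constructed for illustration and are not the site's real configuration; it assumes OpenSSL-style cipher names for TLS 1.2 and earlier and a server that enforces its own order.

```python
# Added example: audits a server's cipher preference order (OpenSSL names,
# TLS 1.2 and earlier) for the two issues raised in the post.
EPHEMERAL_PREFIXES = ("ECDHE-", "DHE-", "EDH-")  # key exchanges giving forward secrecy


def is_ephemeral(cipher):
    return cipher.startswith(EPHEMERAL_PREFIXES)


def uses_rc4(cipher):
    return "RC4" in cipher.split("-")


def audit(preference):
    """preference: cipher names, most preferred first."""
    eph_positions = [i for i, c in enumerate(preference) if is_ephemeral(c)]
    last_eph = max(eph_positions) if eph_positions else -1
    return {
        "rc4_enabled": [c for c in preference if uses_rc4(c)],
        # Static suites that outrank at least one ephemeral suite.
        "static_ahead_of_ephemeral": [
            c for i, c in enumerate(preference)
            if not is_ephemeral(c) and i < last_eph
        ],
        "forward_secrecy_available": bool(eph_positions),
    }


def negotiate(preference, client_offer):
    """Assumption: the server enforces its own order, so the first server
    suite the client also offers wins. Returns None if nothing is shared."""
    offered = set(client_offer)
    return next((c for c in preference if c in offered), None)


# Constructed sample orders, not the real site's configuration.
WEAK_ORDER = ["RC4-SHA", "AES128-SHA", "AES256-SHA", "DES-CBC3-SHA",
              "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-SHA"]
FIXED_ORDER = ["ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-SHA",
               "AES128-SHA", "AES256-SHA"]
# Constructed client offer: supports ECDHE, static RSA and RC4.
CLIENT = ["ECDHE-RSA-AES128-GCM-SHA256", "AES128-SHA", "RC4-SHA"]

if __name__ == "__main__":
    for label, order in (("weak", WEAK_ORDER), ("fixed", FIXED_ORDER)):
        print(label, audit(order), "->", negotiate(order, CLIENT))
```

With the weak order, a client that supports ECDHE still ends up on a static or RC4 suite, so the session has no forward secrecy; reordering and dropping RC4 changes the negotiated suite without any change on the client.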