Hey everyone! Given that 3DES ciphers are susceptible to SWEET32 attacks, I’m on a mission to secure our CloudFront domains. However, I’ve hit a snag: the most up-to-date security policy I can apply is TLSv1.2, which, to my surprise, still supports 3DES. Does anyone know if there’s a method to exclude 3DES ciphers from CloudFront? Alternatively, is there a way to customize the security policy manually? Appreciate any insights or guidance!
...with this feature, you can select the security policy that enforces TLS version 1.1 and weak ciphers such as RC4 and 3DES will automatically be excluded...
^ Hope it helps.
Hi Everyone! Does anyone know a good alternative to freeipa? Is freeipa the best for managing access to Linux machines?