Hello,
I disabled HTTP/2 and defined this cipher suite to my SSL Protocol configuration:
Listener HTTPS->SSL->SSL Protocol
"TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES256-GCM-SHA384:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
TLS 1.3:
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS 1.2:
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
I want to disable all Ciphers <= 128 and active only Ciphers >= 256 to get 100% on Cipher Stronger pontuation in the SSL Labs test:
SSL Labs Grade Documentation:
"Key Exchange 100%: Key or DH paramenter strength >= 4096 bits
Cipher Strength 100%: All keys size >= 256 bits "
But when I tested in SSL Labs, cipher that I disabled before appears yet.
I disabled HTTP/2 and defined this cipher suite to my SSL Protocol configuration:
Listener HTTPS->SSL->SSL Protocol
"TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES256-GCM-SHA384:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
TLS 1.3:
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS 1.2:
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
I want to disable all Ciphers <= 128 and active only Ciphers >= 256 to get 100% on Cipher Stronger pontuation in the SSL Labs test:
SSL Labs Grade Documentation:
"Key Exchange 100%: Key or DH paramenter strength >= 4096 bits
Cipher Strength 100%: All keys size >= 256 bits "
But when I tested in SSL Labs, cipher that I disabled before appears yet.
