Skip to content

awselb 2014.2.19, intermediate config supports weak DH parameters #84

Open
@sonicdoe

Description

@sonicdoe

The awselb 2014.2.19, intermediate config supports weak Diffie-Hellman (DH) key exchange parameters, capping the Qualys SSL Labs grade to B.

As far as I know, Classic Load Balancers always use 1024-bit keys and Amazon Web Services instead recommends disabling DHE cipher suites. See Announcement: Announcing ELB security update to disable Diffie-Hellman key agreement from May 2015.

Metadata

Metadata

Assignees

Labels

P1Priority: 1S1Severity: 1documentationWrite down all the thingsfeedbackThings to learn from

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions