Axigen Community Forum

  • If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.


No announcement yet.

Unsecured cipher suites should not be active by default.

  • Filter
  • Time
  • Show
Clear All
new posts

    Unsecured cipher suites should not be active by default.


    Trying to verify my SSL-settings with Qualsys SSL Labs I get a disastrous F-Grade. I then discover that Axigen is by default supporting cipher suits that has been deprecated since long time ago.

    I quite quickly find this article to rectify this situation:
    But do note that you have to configure this corrected cipher suite for EACH virtual host using its own certificate.

    Out of the box Axigen Mail server really should NOT support such deprecated ciphers!

    It is also quite bad that the getting started certificate created during install is still only of 1024 bit length (Requierment to use 2048 bit since long). Sure this certificate should be replaced by your own certificate as soon as possible but still...

    Best regards

    Hello Erik,

    Thank you for your feedback. My recommendation is to post them or similar Feature Request on the Axigen Product Community.