John E.


SSL Medium Strength Cipher Suites Supported (SWEET32) on Linux RedHat

February 23, 2022

Blue teams are sometimes tasked with resolving this vulnerability, which can be rated Medium or High.

It is caused by the server supporting weak cipher suites.

To fix it, open the Apache SSL configuration file:

nano /etc/httpd/conf.d/ssl.conf

Set the directives below:

SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5
SSLHonorCipherOrder on

Here are the explanations:

SSLProtocol
Use this directive to specify the versions of TLS (or SSL) you want to allow.

SSLCipherSuite
Use this directive to specify your preferred cipher suites or to disable the ones you want to disallow.

SSLHonorCipherOrder
Uncomment and set this directive to on so that the cipher order you specified on the server, not the client's preference, decides which suite is negotiated.
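
A check to run before and after the change, as an added example that is not part of the original post: it expands a cipher string with `openssl ciphers -v` and lists any suite that uses a 64-bit block cipher (3DES, DES, IDEA, RC2), the class SWEET32 applies to. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: list cipher suites that use a 64-bit block cipher (SWEET32 class).
# Function names and SAMPLE are constructed for illustration.

# Filter `openssl ciphers -v` output on stdin; print the name of every suite
# whose Enc= field is 3DES, DES, IDEA or RC2 (all 64-bit block ciphers).
sweet32_ciphers() {
    awk '{
        for (i = 3; i <= NF; i++)
            if ($i ~ /^Enc=(3DES|DES|IDEA|RC2)\(/) { print $1; break }
    }'
}

# Expand a cipher string with the local OpenSSL and report what is still allowed.
# Returns 0 if clean, 1 if 64-bit block ciphers remain, 2 if the string is invalid.
check_cipher_string() {
    list=$(openssl ciphers -v "$1") || { echo "openssl rejected: $1" >&2; return 2; }
    hits=$(printf '%s\n' "$list" | sweet32_ciphers)
    if [ -n "$hits" ]; then
        printf 'still allows 64-bit block ciphers:\n%s\n' "$hits"
        return 1
    fi
    echo "no 64-bit block ciphers in: $1"
}

# Constructed sample in `openssl ciphers -v` format, so the filter can be tried offline.
SAMPLE='ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-DES-CBC3-SHA SSLv3 Kx=ECDH Au=RSA Enc=3DES(168) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1'

# Prints the two 3DES suites from the sample.
printf '%s\n' "$SAMPLE" | sweet32_ciphers
```

Run `check_cipher_string 'HIGH:!aNULL:!MD5'` on the server itself, because what `HIGH` expands to depends on the installed OpenSSL build.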
