How to disable TLS/SSL static key cipher suites in Red Hat Satellite 6.x components?

Solution Verified - Updated -

Issue

  • How to disable weak SSL ciphers for security compliance?
  • How to enable Perfect Forward Secrecy (PFS) with Foreman-proxy and Dynflow?
  • How do I enable Perfect Forward Secrecy?
  • Is it possible to harden the Foreman-proxy (TCP port 9090) cipher suites to use only Perfect Forward Secrecy (PFS) enabled cipher suites?
  • How to restrict Weak SSL ciphers used by Red Hat Satellite 6 components?
  • How to disable TLSv1.0, TLSv1.1 in Red Hat Satellite, and Capsule server?

Environment

  • Red Hat Satellite and Capsule 6.5+

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content