Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
imathew
Staff
Staff

Created on ‎05-27-2024 11:15 PM Edited on ‎05-27-2024 11:43 PM By Community Manager

Article Id 317641

Technical Tip: VA Remedy for ssl-static-key-ciphers

Description This article discusses VA Remedy for ssl-static-key-ciphers.
Scope FortiGate.
Solution

The main cause of this type of vulnerability is the use of TLS1.0, which utilizes a 'Static Key Cipher'.

Although this is considered a 'low severity' vulnerability, it is always recommended to use TLS1.1 or above versions. It is advisable to disable older versions like SSLv3 and TLS 1.0 if they are enabled:


config system global
    set admin-https-ssl-banned-cipher SHA1 SHA256 SHA384
end
817
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.