Our InfoSec scans report that Kibana 7.0 service is supporting weak protocols and weak cipher suites. I am trying to find how to disable TLS 1.1 and below protocols and remove specific ciphers from Kibana service.
Any help you could provide will be greatly appreciated.
Hi, welcome to the forums! Kibana supports the setting server.ssl.supportedProtocols:
Please note that TLS 1.3 is only supported in the very latest Kibana, 7.11.0
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.