Kibana Ports reported as vulnerability for TLS v 1.0 and 1.1

pavank · March 3, 2021, 12:56pm

Hi All

We are using Kibana Version 6.6.2. Recently our security scans for vulnerable ports reported Kibana port (5061) for using TLS 1.0 and TLS 1.1.
I could not find any documentation on the blogs on how to disable older TLS versions.
Any suggestions or guidance on how to approach this issue is much appreciated.

Regards,
Pavan

jportner · March 3, 2021, 2:30pm

Hi @pavank, you can disable TLS 1.0 and 1.1 by adding the following to your kibana.yml:

server.ssl.supportedProtocols: "TLSv1.2"

You can find more information on this page of the docs: Configuring Kibana | Kibana User Guide [6.6] | Elastic

system · March 31, 2021, 2:30pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to disable kibana 7.17.3 TLS version 1.1 Kibana elastic-stack-security	2	400	June 9, 2022
Disable tlsv1 and tlsv1.1 in kibana Kibana	2	2039	March 20, 2018
Configure Kibana for TLS 1.1 Kibana elastic-stack-security	2	394	August 26, 2020
How do I enable TLS1.2 only and disable weak ssl ciphers in Kibana 7.0? Kibana elastic-stack-security	2	3527	March 29, 2021
Kibana 5601 port protocol & cipher vulnerability Kibana	4	1855	November 23, 2018

Kibana Ports reported as vulnerability for TLS v 1.0 and 1.1

Related Topics