Kibana Ports reported as vulnerability for TLS v 1.0 and 1.1

Hi All

We are using Kibana Version 6.6.2. Recently our security scans for vulnerable ports reported Kibana port (5061) for using TLS 1.0 and TLS 1.1.
I could not find any documentation on the blogs on how to disable older TLS versions.
Any suggestions or guidance on how to approach this issue is much appreciated.

Regards,
Pavan

Hi @pavank, you can disable TLS 1.0 and 1.1 by adding the following to your kibana.yml:

server.ssl.supportedProtocols: "TLSv1.2"

You can find more information on this page of the docs: Configuring Kibana | Kibana User Guide [6.6] | Elastic

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.