How can I update the below values to different ones using couchbase-cli as we want to mitigate vulnerability CVE-2016-2183
“ssl_cipher_list”: {
“tls 1.2”: “HIGH”,
“tls 1.3”: “TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256”
},
We want to see somethin like
“ssl_cipher_list”: {
“tls 1.2”: “HIGH:!3DES”,
“tls 1.3”: “TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256”
},
Here is the sample syntax… you can change according to the parameter you want to set and try
/opt/couchbase/bin/couchbase-cli setting-security -c 127.0.0.1:8091 -u Administrator -p --set --tls-honor-cipher-order 1 --cipher-suites TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256
To verify the current parameter, you can use the below command
curl -X GET -u Administrator: http://localhost:8091/settings/security/
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.