Description: SSL server accepts weak ciphers Severity: Potential Problem Impact: A remote attacker with the ability to sniff network traffic could decrypt an encrypted session. Resolution For Apache mod_ssl web servers, use the [http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslciphersuite] SSLCipherSuite directive in the configuration file to specify strong ciphers only and disable SSLv2.
Our SSL was setup via the keytool as our server's only purpose is serving up Servoy.
Does anyone know anything about this or how to accomplish this with the Servoy App Server or is this strictly an apache thing?
We are running Linux - CentOS 5