We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug
The zhmc prometheus expoerter should not support any risky cryptographic algorithms.
Expected behavior The two test items shoud be "OK" in testssh.sh test result.
To Reproduce Test with testssl.sh, it will report the two issues in its test result.
Environment information
zhmc_prometheus_exporter --version
Command output
{ "id" : "cipher-tls1_2_xc028", "severity" : "LOW", "finding" : "TLSv1.2 xc028 ECDHE-RSA-AES256-SHA384 ECDH 253 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" },{ "id" : "cipher-tls1_2_xc027", "severity" : "LOW", "finding" : "TLSv1.2 xc027 ECDHE-RSA-AES128-SHA256 ECDH 253 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" }
Log file <-- If possible, attach a log file generated with '--log-comp all=debug --log exporter.log'. -->
The text was updated successfully, but these errors were encountered:
Mu Chen, I assume this is on the Prometheus port of the exporter.
Can you please send me via Slack the credential files you used in the prometheus section of the exporter's credentials file?
Sorry, something went wrong.
For info, this may be how to set ciphers: https://stackoverflow.com/a/34799338/1424462
The two ciphers are CBC ciphers that are reported by testssl.sh:
LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
This was on macOS with:
Solved with PR #551 .
andy-maier
Successfully merging a pull request may close this issue.
Describe the bug
The zhmc prometheus expoerter should not support any risky cryptographic algorithms.
Expected behavior
The two test items shoud be "OK" in testssh.sh test result.
To Reproduce
Test with testssl.sh, it will report the two issues in its test result.
Environment information
zhmc_prometheus_exporter --version
:Command output
Log file
<-- If possible, attach a log file generated with '--log-comp all=debug --log exporter.log'. -->
The text was updated successfully, but these errors were encountered: