Forum Discussion
SAMFS
Apr 24, 2024Copper Contributor
How to configure cipher suites for STARTTLS?
I configured the available cipher suites for an Exchange 2013 server as described here in the best practice document by putting them into the appropriate registry key:
HKLM:\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002
But when looking at a packet capture of an outgoing SMTP session of that server which used STARTTLS, I observed that it was offering a completely different set of ciphers. Is that registry key not being used for STARTTLS by Exchange Server and if so, where do the ciphers for that have to be configured instead?
- Andres-BohrenSteel Contributor
Hi SAMFS
I guess that these depended from what the OS is configured. Have a look here
Kind Regards
Andres
- SAMFSCopper ContributorThanks for you quick reply! That is the document I referred to in my post. So, what's in there either does not answer my question or I got it wrong 😅
- Andres-BohrenSteel ContributorHow to you check the Ciphers offered after STARTTLS?