Imperva Cyber Community

Hi,

How to disable weak ssl cipher on Imperva Gateway version 14.0 when PCI compliance required. I try change status from "true" to "false" at bootstrap.xml following a user guide (https://docs.imperva.com/howto/3df18e7e) but ssl cipher doesn't change. and if enable only ECDHE cipher, Gateway not running.
#On-PremisesWAF(formerlySecuresphere)

------------------------------
Trans Systems
support
Huaykwang
------------------------------

Hi ,
If I got it correctly, from 13.3 (i think) you can do it via gui directly : Global Object > SSL Settings

Regards

------------------------------
Zuliani
------------------------------

Original Message:
Sent: 03-30-2021 09:45
From: Trans Systems
Subject: How to disable weak ssl cipher on management interface

Hi,

How to disable weak ssl cipher on Imperva Gateway version 14.0 when PCI compliance required. I try change status from "true" to "false" at bootstrap.xml following a user guide (https://docs.imperva.com/howto/3df18e7e) but ssl cipher doesn't change. and if enable only ECDHE cipher, Gateway not running.
#On-PremisesWAF(formerlySecuresphere)

------------------------------
Trans Systems
support
Huaykwang
------------------------------

Hi,

I am trying to configure this on version 14.7, however i cannot find the SSL Settings page underneath Global Objects how can i get to this page please

Regards,

Joy

------------------------------
Joy Ampitan
Security Engineer
Ethnos Cyber Limited
Lagos
------------------------------

Original Message:
Sent: 04-06-2021 06:24
From: Francesco Zuliani
Subject: How to disable weak ssl cipher on management interface

Hi ,
If I got it correctly, from 13.3 (i think) you can do it via gui directly : Global Object > SSL Settings

Regards

------------------------------
Zuliani

Original Message:
Sent: 03-30-2021 09:45
From: Trans Systems
Subject: How to disable weak ssl cipher on management interface

Hi,

How to disable weak ssl cipher on Imperva Gateway version 14.0 when PCI compliance required. I try change status from "true" to "false" at bootstrap.xml following a user guide (https://docs.imperva.com/howto/3df18e7e) but ssl cipher doesn't change. and if enable only ECDHE cipher, Gateway not running.
#On-PremisesWAF(formerlySecuresphere)

------------------------------
Trans Systems
support
Huaykwang
------------------------------

Hi Joy,

Which SSL settings do you want to configure?

You can configure SSL settings on GUI if you want to change SSL parameters of protected web servers -> Enabling Disabling SSL ciphers for GW-client negotiation in KRP and TRP mode [e7b24890]

On the other hand, if you want to change SSL parameters of gateway <-> MX communication, you should follow this guide Inter-component Cipher Suites [3df18e7e]

------------------------------
Cezmi Cal
Consultant
Barikat Internet Guvenligi Bilisim Ticaret A.S.
Ankara
------------------------------

Original Message:
Sent: 06-04-2025 07:26
From: Joy Ampitan
Subject: How to disable weak ssl cipher on management interface

Hi,

I am trying to configure this on version 14.7, however i cannot find the SSL Settings page underneath Global Objects how can i get to this page please

Regards,

Joy

------------------------------
Joy Ampitan
Security Engineer
Ethnos Cyber Limited
Lagos

Original Message:
Sent: 04-06-2021 06:24
From: Francesco Zuliani
Subject: How to disable weak ssl cipher on management interface

Hi ,
If I got it correctly, from 13.3 (i think) you can do it via gui directly : Global Object > SSL Settings

Regards

------------------------------
Zuliani

Original Message:
Sent: 03-30-2021 09:45
From: Trans Systems
Subject: How to disable weak ssl cipher on management interface

Hi,

How to disable weak ssl cipher on Imperva Gateway version 14.0 when PCI compliance required. I try change status from "true" to "false" at bootstrap.xml following a user guide (https://docs.imperva.com/howto/3df18e7e) but ssl cipher doesn't change. and if enable only ECDHE cipher, Gateway not running.
#On-PremisesWAF(formerlySecuresphere)

------------------------------
Trans Systems
support
Huaykwang
------------------------------

Hi Cezmi,

Thank you for your response.

Unfortunately, I'm unable to access the links you provided - I keep getting the following error:

ERROR 403 – Permission Required
You don't have sufficient privileges to view this page. To see the page, try logging in.

Could you please confirm what level of access my account needs in order to view those pages?

For further context, I'm trying to change the SSL cipher keys for specific gateways on the MX, as well as specific ports attached to those gateways.

Looking forward to your guidance.

Best regards,

------------------------------
Joy Ampitan
Security Engineer
Ethnos Cyber Limited
Lagos
------------------------------

Original Message:
Sent: 06-04-2025 10:24
From: Cezmi Cal
Subject: How to disable weak ssl cipher on management interface

Hi Joy,

Which SSL settings do you want to configure?

You can configure SSL settings on GUI if you want to change SSL parameters of protected web servers -> Enabling Disabling SSL ciphers for GW-client negotiation in KRP and TRP mode [e7b24890]

On the other hand, if you want to change SSL parameters of gateway <-> MX communication, you should follow this guide Inter-component Cipher Suites [3df18e7e]

------------------------------
Cezmi Cal
Consultant
Barikat Internet Guvenligi Bilisim Ticaret A.S.
Ankara

Original Message:
Sent: 06-04-2025 07:26
From: Joy Ampitan
Subject: How to disable weak ssl cipher on management interface

Hi,

I am trying to configure this on version 14.7, however i cannot find the SSL Settings page underneath Global Objects how can i get to this page please

Regards,

Joy

------------------------------
Joy Ampitan
Security Engineer
Ethnos Cyber Limited
Lagos

Original Message:
Sent: 04-06-2021 06:24
From: Francesco Zuliani
Subject: How to disable weak ssl cipher on management interface

Hi ,
If I got it correctly, from 13.3 (i think) you can do it via gui directly : Global Object > SSL Settings

Regards

------------------------------
Zuliani

Original Message:
Sent: 03-30-2021 09:45
From: Trans Systems
Subject: How to disable weak ssl cipher on management interface

Hi,

How to disable weak ssl cipher on Imperva Gateway version 14.0 when PCI compliance required. I try change status from "true" to "false" at bootstrap.xml following a user guide (https://docs.imperva.com/howto/3df18e7e) but ssl cipher doesn't change. and if enable only ECDHE cipher, Gateway not running.
#On-PremisesWAF(formerlySecuresphere)

------------------------------
Trans Systems
support
Huaykwang
------------------------------