Low Transport Layer Security scoring and other questions

Get help with installation and setup problems
Post Reply
cmarsura
Posts: 49
Joined: Mon May 22, 2017 2:28 pm

Low Transport Layer Security scoring and other questions

Post by cmarsura » Mon May 22, 2017 3:01 pm

Hi
I am evaluating TsPlus 10.30.5.15 installed on Windows Server 2012 R2.

I have some concerns about the scoring rated "F" received by SSL Labs Online Testing Tool, received with a 'out of the box' installation.
Using the SSL Cipher Selection Tool I disabled the weak ciphers, but however the rating "F" received warns that there are no support for TLS 1.1 nor 1.2, there is no Key Exchange support, server is vulnerable to POODLE and FREACK attacks.

A) There is a way to mitigate this situation to receive an "A" score as stated in http://www.terminalserviceplus.com/docs/ciphers-suites ?
B) Is the communication between application servers and reverse-proxy server secure?
C) What are the maximum number of servers/connections (to the application servers behind) that the proxy is able to manage?
D) I see a bunch of threads (about 150) started by HTML5Service.exe; is the maximum number of connections limited by this number?

Thank you.

juwagn
Site Admin
Posts: 239
Joined: Wed Oct 15, 2014 8:25 pm

Re: Low Transport Layer Security scoring and other questions

Post by juwagn » Mon May 22, 2017 8:00 pm

Hello,

A)
your warning is evidence of usage of old Java version, I assume Java6.
Install latest Java8 to fix your issues.
To check, what you have just call the link on server side
http://localhost/w0j41
or
http://your-domain.com/w0j41
These links will give you advanced info.

B) yes

C) so much your hardware allows, the more cores you have the better speed.

D) HTML5Service.exe is copied/renamed java.exe file to make it easy to distinguish. If you have 150 threads (i assume you mention not Java threads but system threads from Resource monitor) while there are no connections then it is necessary so for Java virtual machine.
TSplus HTML5 and Java web engineer

cmarsura
Posts: 49
Joined: Mon May 22, 2017 2:28 pm

Re: Low Transport Layer Security scoring and other questions

Post by cmarsura » Tue May 23, 2017 9:09 am

You are right!
After upgrading to latest Java version the scoring become a full "A".

Thank you.

Post Reply