Update the cipher profile on a cloud load balancer
Secure Sockets Layer (SSL) ciphers are algorithms that help secure networking connections by using
Transport Layer Security (TLS). However, the cipher SSL_RSA_WITH_3DES_EDE_CBC_SHA
has been
identified as vulnerable to potential intrusion. Rackspace is therefore enabling you to update the
ciphers that your cloud load balancers use to better protect your environment.
You can update the cipher profiles from the Cloud Control Panel.
For more information about cipher profiles and to see all available ciphers, see Ciphers in the Rackspace developer documentation.
The following cipher profiles are currently available:
Default
: TheDefault
cipher profile has cipherSSL_RSA_WITH_3DES_EDE_CBC_SHA
enabled.CLBCipherPolicy2017-08
: This cipher profile has cipherSSL_RSA_WITH_3DES_EDE_CBC_SHA
disabled.CLBCipherPolicy2019-05
: This cipher profile has all ciphers disabled except the following ones:SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384
SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Update the cipher profile by using the MyCloud portal
Use the following steps to update the cipher profile from the Load Balancer page in the Cloud Control Panel:
-
Log in to the Cloud Control Panel with your username and password.
-
In the top navigation bar click Select a Product > Rackspace Cloud.
-
Select Networking > Load Balancers.
-
Select the Load Balancer you want to update.
-
Scroll to the Optional Features section.
-
Select the pencil icon next to Secure Traffic (SSL).
-
Update the ciphers and TLS versions.
-
Select Save SSL Configuration.
Updated about 1 year ago