I recently noticed that my lab Access Manager (Single Box Appliance) was no longer getting an "A" rating on SSL Labs. I was using previously recommended settings of:
SSLProtocol TLSv1.1 +TLSv1.2
That SSL Cipher Suite is listed in an older thread on this forum. These settings give a "B" rating. I found another cipher suite setting in the NAM docs under the Advanced Configuration section and they were even worse, they resulted in a "C" result.
After some testing, I got an A+ with this:
SSLProtocol all -TLSv1.1 -TLSv1 -SSLv2 -SSLv3
Wondering what others are using? I'm not sure if anything (like older browsers) breaks with this.
Is there an official doc from NetIQ listing the recommended best settings? I couldn't find anything.