docs-site icon indicating copy to clipboard operation
docs-site copied to clipboard

Published 20 hours ago verified publisher icon zowe

Document default ciphers used by Zowe

Open zFernand0 opened this issue 1 year ago • 1 comments

Description

We should document all default ciphers used/supported by Zowe. Having it in a central location will be ideal.

Pages to Update

https://docs.zowe.org/stable/user-guide/api-mediation/configuration-at-tls/#ciphers https://docs.zowe.org/stable/user-guide/mvd-configuration#defining-the-at-tls-rule

zFernand0 avatar Sep 30 '24 21:09 zFernand0

Those two pages are for AT-TLS, which is not the only TLS used, nor default. Default (native) TLS of zowe servers (should & probably) is identical across the board since we follow security alerts to always have the most modern list.

One place you can see the list is here https://github.com/zowe/zlux-server-framework/blob/v2.x/staging/lib/unp-constants.js#L293-L307

When using AT-TLS, the user decides the ciphers. We can only recommend. However, our recommendation should closely follow https://wiki.mozilla.org/Security/Server_Side_TLS as this is a regularly updated and respected resource

1000TurquoisePogs avatar Oct 02 '24 17:10 1000TurquoisePogs

Add note to installing zowe article re: Mozilla ciphers https://docs.zowe.org/stable/user-guide/install-overview

JTonda avatar Jun 11 '25 18:06 JTonda