To resolve this issue, enable the Do not allow connections from browsers that only accept weak ciphers
option, under the Security Option on the PCS admin page, as mentioned below:
- Go to System > Configuration > Security > SSL Options:
- Min. recommendation is Accept only TLS
- Under Allow Encryption Strength, select Custom SSL Cipher Selection and enable AES and AES/3DES
- Under Encryption Strength option, select the Do not allow connections from browsers that only accept weaker ciphers check box.
- Click Save Changes.
Note: Changing any of the above settings might restart some services in the Pulse Connect Secure.
The following setting will disable RC4 and EXPORT cipher suites which have known vulnerabilities. For further security best practices, please refer to KB29805 - Pulse Connect Secure: Security configuration best practices