A cipher suite whitelist ensures that Acrolinx only uses certain cipher suites when serving pages over a secure connection. You don't have to configure a cipher whitelist, but you might need to if your security policy only allows highly secure cipher suites when communicating over a secure connection.
To configure a cipher suite whitelist, follow these steps:
- Open your overlay of the core server properties file.
You find the overlay for the core server properties file in the following location:
Add the following property:
Enter the cipher suite names in a comma-separated list. We recommend that you allow only highly secure cipher suites and exclude medium and weak cipher suites. For this setup, you would enter the property as follows:
- Save your changes and restart the core server.