Configure a Cipher Suite Whitelist

A cipher suite whitelist ensures that Acrolinx only uses certain cipher suites when serving pages over a secure connection. You don't have to configure a cipher whitelist, but you might need to if your security policy only allows highly secure cipher suites when communicating over a secure connection.

To configure a cipher suite whitelist, follow these steps:

  1. Open your overlay of the core server properties file.

    You find the overlay for the core server properties file in the following location:

    %ACROLINX_CONFIGURATION_ROOT%\server\bin\coreserver.properties
  2. Add the following property: 

    sslCipherSuiteWhitelist=<CIPHER_SUITE_NAMES>

    Enter the cipher suite names in a comma-separated list. We recommend that you allow only highly secure cipher suites and exclude medium and weak cipher suites. For this setup, you would enter the property as follows:

    Example:
    sslCipherSuiteWhitelist=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  3. Save your changes and restart the core server.