Weak TLS/SSL ciphers for Java 11 get flagged when already disabled

user-s6ixh, Aug 28 2023

Hi,
I need some help with cipher suites. Our security team performed a Qualys scan on our devices and we got flagged for the following 3 ciphers.

But we have already disabled these ciphers in the java.security file. What I don't understand is why these 3 ciphers are being flagged when they are already added to the disabled list.

Disabled ciphers

jdk.tls.disabledAlgorithms=SSLv3, TLSv1.0, TLSv1, TLSv1.1, RC4, DES, DSA, MD5withRSA, \
DH keySize < 2048, RSA keySize < 2048, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, DES_CBC, \
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, \
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, \
TLS_DHE_RSA_WITH_AES_256_CBC_SHA, \
TLS_DHE_DSS_WITH_AES_256_CBC_SHA, \
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, \
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, \
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, \
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, \
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, \
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, \
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, \
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, \
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, \
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, \
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, \
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, \
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, \
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, \
TLS_DHE_RSA_WITH_AES_256_CBC_SHA, \
TLS_DHE_DSS_WITH_AES_256_CBC_SHA, \
TLS_DHE_RSA_WITH_AES_128_CBC_SHA, \
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, \
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, \
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, \
TLS_CHACHA20_POLY1305_SHA256,\
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, \
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, \
include jdk.disabled.namedCurves
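
An added example, not part of the original post: a check to run with the same Java 11 binary and launch options as the scanned service, printing the `jdk.tls.disabledAlgorithms` value that JVM actually loaded and the cipher suites its default JSSE context still enables. The class name `TlsEffectiveConfig` is an assumption, and the flagged suite names from the scan report (not reproduced on this page) are passed as arguments.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

// Hypothetical helper class; run with: java TlsEffectiveConfig.java <suite> [<suite> ...]
public class TlsEffectiveConfig {

    // Split the property value into trimmed entries, dropping empty ones.
    static List<String> entries(String value) {
        List<String> out = new ArrayList<>();
        if (value == null) return out;
        for (String e : value.split(",")) {
            String t = e.trim();
            if (!t.isEmpty()) out.add(t);
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Which runtime is executing, and was it pointed at another properties file?
        System.out.println("java.home                = " + System.getProperty("java.home"));
        System.out.println("java.version             = " + System.getProperty("java.version"));
        System.out.println("java.security.properties = " + System.getProperty("java.security.properties"));

        // The value this JVM loaded, which may differ from the file that was edited.
        List<String> disabled = entries(Security.getProperty("jdk.tls.disabledAlgorithms"));
        System.out.println("jdk.tls.disabledAlgorithms (" + disabled.size() + " entries):");
        disabled.forEach(e -> System.out.println("  " + e));

        // Default JSSE context: protocols and suites still enabled after the property is applied.
        SSLParameters p = SSLContext.getDefault().getDefaultSSLParameters();
        Set<String> enabled = new LinkedHashSet<>(Arrays.asList(p.getCipherSuites()));
        System.out.println("Enabled protocols: " + String.join(", ", p.getProtocols()));
        System.out.println("Enabled cipher suites:");
        enabled.forEach(s -> System.out.println("  " + s));

        // Suite names taken from the scan report are passed as arguments.
        for (String suite : args) {
            System.out.printf("%-50s listed=%b enabled=%b%n",
                    suite, disabled.contains(suite), enabled.contains(suite));
        }
    }
}
```

It reports only the default `SSLContext` of the JVM it runs in; a listener that configures its own cipher list or is served by a different runtime is not reflected in the output.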
