Jump to content


Photo

Need a nudge in the correct direction

TLS SSL Ciphers Connections

  • Please log in to reply
3 replies to this topic

#1 cyphershadow OFFLINE  

cyphershadow

    Newbie

  • Members
  • 5 posts
  • Local time: 07:49 PM

Posted 14 February 2020 - 11:35 AM

Good morning everyone.

 

First I'd like to say how incredible this platform is, and express what a kick ass job you all are doing.  Miles beyond my previous Plex setup, more streamlined, and just incredible. 

 

I was wondering if someone could point me in the direction of a configuration file, or process for restricting which SSL/TLS connection configurations are accepted by the Emby web server.  A review of accepted connections is showing the server accepting TLSv1.0 which is insecure, TLSv1.1 which is coming up on phase out this year, and a mix of insecure/anonymous ciphers.  I would like to restrict the server from accepting connections using  these configurations, but am having trouble locating any form of proper configuration file within my qnap directories (Granted qnap CLI is not the best).

 

I am aware of the potential issue with disabling these items and that it could cause issues with certain devices, but I would rather lock this down since it will be open to the net.

 

Thanks for any assistance.  Keep up the good work!

 

Edit: Almost forgot.  I'm running version 4.3.1.0 on a Qnap TS-451 on firmware 4.4.1.1146.


Edited by cyphershadow, 14 February 2020 - 11:36 AM.


#2 Luke OFFLINE  

Luke

    System Architect

  • Administrators
  • 153190 posts
  • Local time: 09:49 PM

Posted 14 February 2020 - 06:01 PM

hi @cyphershadow we don't currently have any options to control this but we could add this to the network settings screen.



#3 cyphershadow OFFLINE  

cyphershadow

    Newbie

  • Members
  • 5 posts
  • Local time: 07:49 PM

Posted 14 February 2020 - 09:43 PM

@Luke, that would be great if it could be integrated in the GUI, or if there was a manual config file that could be edited for those that want to tweak things.  With TLSv1.1 being dropped in the next couple months and flash at the end of the year I'm sure a ton over web based apps are going to be needing overhauls. 

 

You guys are doing great.



#4 Luke OFFLINE  

Luke

    System Architect

  • Administrators
  • 153190 posts
  • Local time: 09:49 PM

Posted 14 February 2020 - 10:25 PM

Yup we can add it. I'll try to get it in for 4.4. Thanks.







Also tagged with one or more of these keywords: TLS, SSL, Ciphers, Connections

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users