12-28-2017, 04:52 PM
A recent security scan shows my Yealink phones as having certificate vulnerabilities. Below are examples. Does Yealink offer a more secure certificate? Is there a method for me to disable certain ciphers? Is there a method for me to enable TLS 1.2 and disable earlier versions?
"The remote host supports the use of SSL ciphers that offer weak encryption."
The remote host supports the use of RC4 in one or more cipher suites. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness.
The server's X.509 certificate cannot be trusted.
"The remote host supports the use of SSL ciphers that offer weak encryption."
The remote host supports the use of RC4 in one or more cipher suites. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness.
The server's X.509 certificate cannot be trusted.