posted

0 Comments

Hi everyone,

One question that comes up regularly is “What ciphers are supported on vCenter and ESXi?”. I’m happy to share that we have published a VMware Knowledge Base article outlining the supported ciphers!

With all of the challenges around SSL/TLS the past year or two, having a solid idea of what ciphers are being used is becoming critical information that is necessary for IT and security teams to do their jobs.

Rather than list the ciphers here, I’ll just point you at the KB as it will be the central repository for this information and will be updated as necessary.

Please note that on some products like VCSA you’ll find more than one OpenSSL binary. For example, the VCSA will ship with a default OpenSSL binary from SUSE, the OS provider and from VMware. VMware uses OpenSSL we develop and ship and not the OS binaries. When this list was created it was done using the VMware binaries. This is helpful to understand in case your scanning tools only check against the OS binaries and report a false positive.

If you have questions, please respond directly to the KB using the provided feedback mechanism at the end of the KB article.

Thanks for reading!

If you liked these posts, please let me know! If you have comments, please reply here, to @vspheresecurity or @mikefoley on Twitter or via email to mfoley@VMware.com or mike@yelof.com

About the Author

Mike Foley

Mike Foley is a Senior Technical Marketing Architect at VMware. His primary focus is on security of the core platform, vSphere.

His primary goal is to help IT/VI Admins build more secure platforms that stand up to scrutiny from security teams with the least impact to IT Operations.

Mike is also the current author of the vSphere Security Configuration (formerly Hardening) Guide.

Previously, Mike was on the evangelist team at RSA where he concentrated on virtualization and cloud security and contributed as a member of the product architect team.

Mike has a personal blog at https://yelof.com and contributes to the VMware vSphere and Security blogs as well.

Follow him at @vSphereSecurity on Twitter