SSL RC4 Cipher Suites Supported (Bar Mitzvah)

Veronica N 1 Reputation point
2021-06-15T12:24:15.753+00:00

We are having this vulnerability on a Windows 2012 server that has Exchange 2016 installed. It is a hybrid server. Is it safe to disable RC4 on Exchange servers? I have not been able to get clear information regarding the process to disable it for Exchange servers. Please help.

Exchange | Hybrid management

2 answers

  1. Andy David - MVP 159.8K Reputation points MVP Volunteer Moderator
    2021-06-15T12:41:21.017+00:00

    Enable TLS 1.2 and those ciphers won't be used:
    https://docs.digicert.com/certificate-tools/discovery-user-guide/tlsssl-endpoint-vulnerabilities/rc4-cipher-enabled/

    You can follow this guidance for Exchange to do that:

    https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-server-tls-guidance-part-1-getting-ready-for-tls-1-2/ba-p/607649

    It's three parts, so go through each section carefully and test.


  2. KyleXu-MSFT 26,396 Reputation points
    2021-06-16T01:25:57.26+00:00

    @Veronica N

    Here is also a blog which suggests disabling RC4 ciphers:


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
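
A read-only check of where a server stands on the two points raised in the answers (TLS 1.2 enabled, RC4 disabled), as an added example that is not part of the thread or of the linked guidance. It assumes the standard Windows SCHANNEL registry layout under HKLM; the function names are hypothetical.

```powershell
# Added example (not from the thread): read-only audit of SCHANNEL settings.
# Assumes the standard Windows SCHANNEL registry layout; it changes nothing.
$base = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'

function Get-SchannelValue {
    param([string]$SubKey, [string]$ValueName)
    # Use the .NET registry API: cipher key names contain '/', which the
    # PowerShell registry provider would treat as a path separator.
    $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey($SubKey)
    if ($null -eq $key) { return $null }
    try { return $key.GetValue($ValueName, $null) } finally { $key.Close() }
}

function Test-SchannelSetting {
    param([string]$SubKey, [string]$ValueName, [bool]$WantNonZero)
    $raw = Get-SchannelValue -SubKey "$base\$SubKey" -ValueName $ValueName
    if ($null -eq $raw) {
        $state = 'NotConfigured'   # OS default applies; this is not a pass
    } elseif (($raw -ne 0) -eq $WantNonZero) {
        $state = 'OK'              # 0xffffffff reads back as -1, still non-zero
    } else {
        $state = 'Review'
    }
    [pscustomobject]@{ Key = $SubKey; Value = $ValueName; Raw = $raw; State = $state }
}

$results = @()

# RC4 cipher entries: an explicit Enabled = 0 is the disabled state.
foreach ($cipher in 'RC4 128/128', 'RC4 64/128', 'RC4 56/128', 'RC4 40/128') {
    $results += Test-SchannelSetting "Ciphers\$cipher" 'Enabled' $false
}

# TLS 1.2: Enabled should be non-zero and DisabledByDefault should be 0.
foreach ($role in 'Server', 'Client') {
    $results += Test-SchannelSetting "Protocols\TLS 1.2\$role" 'Enabled' $true
    $results += Test-SchannelSetting "Protocols\TLS 1.2\$role" 'DisabledByDefault' $false
}

$results | Format-Table -AutoSize
```

A `NotConfigured` row means the operating system default is in effect, so confirm the outcome with a rescan of the listener after any change.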

