Information
Enable SSL server version to TLS 1.2
Rationale:
Given that the network may be prone to sniffing, the HTTP access to the security appliance must be secured with SSL or TLS protocols. The latest version of SSL that is SSL v3 is now inclined to many vulnerabilities and systems should use at least TLS 1.2 as SSL server version.
Solution
For version 8.x, run the following command to enable AES 256 algorithm
hostname(config)# ssl encryption aes256-sha1
For version 9.x, run the following command to enable AES 256 algorithm
hostname(config)# ssl cipher tlsv1.2