Information
MariaDB supports multiple encryption ciphers. Ciphers can vary in strength, speed and overhead.
Rationale:
Requiring clients attempting to connect to MariaDB to use strong ciphers protects data in transit.
Impact:
Connections attempting to use an unsupported cipher will fail.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Set ssl_cipher to one or more approved cipher suites in your MariaDB configuration file, then restart MariaDB.
For example, set:
ssl_cipher='ECDHE-ECDSA-AES128-GCM-SHA256'
Default Value:
None