Isilon InsightIQ: How to disable weak SSL/TLS ciphers for InsightIQ
Summary: This article describes how to disable SSL/TLS ciphers that are considered weak.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Instructions
WARNING: This change will implicitly disable everything except for TLS 1.2.
1. Connection to InsightIQ via SSH
2. Open the uwsgi.ini configuration file with a text editor
vi /etc/isilon/uwsgi.ini
3. Append :!SHA to the end of the https setting. When you're done, the line will look like this:
Note: If your machine has IPv6 disabled, the value will start with 0.0.0.0 instead of [::]
https = [::]:443,/etc/ssl/certs/server.crt,/etc/ssl/certs/server.key,ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS:!SHA
4. Restart InsightIQ by running the following command:
iiq_restart
Additional Information
Affected Products
Isilon InsightIQProducts
Isilon InsightIQArticle Properties
Article Number: 000022835
Article Type: How To
Last Modified: 03 Apr 2025
Version: 5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.