For maximum security, you must configure VMware Aria Operations components to use strong ciphers. To ensure that only strong ciphers are selected, deactivate the use of weak ciphers. Configure the server to support only strong ciphers and to use sufficiently large key sizes. Also, configure the ciphers in a suitable order.

VMware Aria Operations deactivates the use of cipher suites using the DHE key exchange by default. Ensure that you deactivate the same weak cipher suites on all load balancers before you put the system into production.

Using Strong Ciphers

The encryption cipher negotiated between the server and the browser determines the key exchange method and encryption strength that is used in a TLS session.