You can configure the HTML Access Agent to use specific cipher suites instead of the default set of ciphers.
By default, the HTML Access Agent requires incoming TLS connections to use encryption based on certain ciphers that provide strong protection against network eavesdropping and forgery. You can configure an alternative list of ciphers for the HTML Access Agent to use. The set of acceptable ciphers is expressed in the OpenSSL format, which is described at https://www.openssl.org/docs/manmaster/man1/ciphers.html.
Procedure
Results
To revert to using the default cipher list, delete the SslCiphers value and restart the VMware Blast service. Do not simply delete the data part of the value because the HTML Access Agent will then treat all ciphers as unacceptable, in accordance with the OpenSSL cipher list format definition.
When the HTML Access Agent starts, it writes the cipher definition in the VMware Blast service's log file. You can discover the current default cipher list by inspecting the logs when the VMware Blast service starts with no SslCiphers value configured in the Windows Registry.
The HTML Access Agent default cipher definition might change from one release to the next to provide improved security.