How to improve security of connection to AhsayCBS (Strong Cipher, TLS protocol and PFS)?

23 Aug, 2024

Please use the following steps to improve security of connection to AhsayCBS (Strong Cipher, TLS protocol and PFS).

To change the TLS setting:

  1. Go to C:\Program Files\AhsayCBS\conf
  2. Open the server.xml file with a text editor.
  3. Search for the line protocols="TLSv1+TLSv1.1+TLSv1.2"
  4. Change it to protocols="TLSv1.2"
  5. Save the changes to the server.xml file.


To change the cipher settings:

  1. Go to C:\Program Files\AhsayCBS\conf
  2. Open the server.xml file with a text editor.
  3. Search for the line ciphers="HIGH:!aNULL:!MD5"
    • Option 1 - For AhsayCBS server with version 7 and 8 backup clients
      • Change it to ciphers="TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
    • Option 2 - For AhsayCBS server with version 8 backup clients only (DO NOT use this option if there is version 7 AhsayOBM / ACB client connecting to your CBS)
      • Change it to ciphers="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
  4. Save the changes to the server.xml file.
Video Page
How to improve security of connection to AhsayCBS (Strong Cipher, TLS protocol and PFS)?