![在这里插入图片描述](https://img-blog.csdnimg.cn/686beab8234942f792ab14ec1cf6264f.png#pic_center
整改建议
1、nginx
修改 /etc/nginx/conf.d/ssl.conf 文件
找到 ssl_ciphers 行:
ssl_ciphers HIGH:!aNULL:!MD5:!DES:!3DES;
然后重载服务器配置:
nginx -t #检测配置文件是否有语法错误,然后退出
nginx -s reload #重新加载Nginx配置文件,然后以优雅的方式重启Nginx
2、apache
xx/apache2.4.39/conf/httpd.conf
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:+HIGH:+MEDIUM:-LOW:!RC4:!NULL
LoadModule ssl_module modules/mod_ssl.so
然后重启tomcat
3、haproxy
vim /etc/haproxy/haproxy.cfg
global
ssl-default-bind-options no-sslv3
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
然后重启haproxy
systemctl reload haproxy.service