set-nsssl
1.3
A PowerShell script that enables TLS 1.2, disables SSLv2 and SSLv3, creates and binds Diffie-Hellman (DH) key, creates and binds "Strict Transport Security policy" and removes all other ciphers and binds cipher group mentioned in https://www.citrix.com/blogs/2015/05/22/scoring-an-a-at-ssllabs-com-with-citrix-netscaler-the-sequel/
Installation Options
Owners
Copyright
2016
Package Details
Author(s)
- @ryan_c_butler
Tags
Functions
Login Cipher get-ciphers CipherGroup CipherGroup-vpx get-vpnservers get-vservers get-csservers Logout set-cipher set-nscipher set-nsip set-sslprofilebind SaveConfig get-rewritepol EnableFeature SetupSTS set-lbpols set-cspols set-vpnpols checkvpx new-dhkey checkfordhkey set-sslparams enable-sslprof check-nsversion check-defaultprofile check-sslprofile new-sslprofile set-profilecipherbinding set-profilecipher
Dependencies
This script has no dependencies.
Release Notes
03-17-16: Added port 3008 and 3009 to managment ips
03-28-16: Rewrite to reflect PS best practice and managment IP ciphers
06-13-16: Adjusted to reflect https://www.citrix.com/blogs/2016/06/09/scoring-an-a-at-ssllabs-com-with-citrix-netscaler-2016-update/. Also removed management IPS from default. (Tested with 11.0 65.31)
06-14-16: Now supports HTTPS
07-02-16: Added "nosave" paramenter
03-11-17: Default SSL profile additions for 11.1 and greater
06-02-17: Changes for default profile and add for policy priority argument. Also added some error handling
08-27-17: Formatting for PS Gallery
01-27-18: Adjustment for default profile version https://support.citrix.com/article/CTX205291
FileList
- set-nsssl.nuspec
- set-nsssl.ps1
Version History
| Version | Downloads | Last updated |
|---|---|---|
| 1.3 (current version) | 568 | 1/27/2018 |