ServerTlsCiphers and ClientTlsCiphers will be the following: AESGCM:HIGH:+EDH-DSS-DES-CBC3-SHA:+DES-CBC3-SHA :!ECDHE-RSA-AES256-SHA384 AESGCM:HIGH:+EDH-DSS-DES-CBC3-SHA:+DES-CBC3-SHA: !ECDHE-RSA-AES256-SHA384 ! (exclamation point)
![openssl test tls 1.2 with certificate openssl test tls 1.2 with certificate](https://tankeryang.github.io/posts/docker%E9%85%8D%E7%BD%AETLS%E8%AE%A4%E8%AF%81%E5%BC%80%E5%90%AF%E8%BF%9C%E7%A8%8B%E8%AE%BF%E9%97%AE/pic2.png)
Modify the server and the Client TLS cipher variables to delete the cipher from the list permanently. Note: In the OpenSSL site, the cipher is equal to the ECDHE-RSA-AES256-SHA384 value.
![openssl test tls 1.2 with certificate openssl test tls 1.2 with certificate](http://i.stack.imgur.com/Umc2b.jpg)
OPENSSL TEST TLS 1.2 WITH CERTIFICATE MANUAL
![openssl test tls 1.2 with certificate openssl test tls 1.2 with certificate](https://www.adminbyaccident.com/wp-content/uploads/2020/07/SSL_Labs_Test_result_2.png)
While performing SSL protocol security scans, the SMTP and email Encryption settings can be modified using mailserver.cfg file.