Knowledge Base

Document information

Document ID: 5313
Subject: How to enable Forward Secrecy for SynaMan/Syncrify
Creation date: 9/12/19 11:25 AM
Last modified on: 9/12/19 11:29 AM

Enabling Forward Secrecy

This article applies to both SynaMan and Syncrify

When deploying SynaMan/Syncrify for public use, we recommend you follow industry best practices to make the SSL/TLS connections more secure. This page discusses a few tips on how to make the SSL/TLS better in SynaMan.

SSL Ciphers

List of secure SSL Ciphers gradually change. When a vulnerability is discovered related to a particular cipher, it gets deprecated and therefore, you should stop using it.

Following step demonstrate how to change the list of supported ciphers in SynaMan/Syncrify.

  • Create/Modify file.
  • Add the following property
    ssl.cipher.list=List of commma separated cipher list
    For example:

Forward Secrecy

Along with using updated ciphers, you need the following line in to achieve forward secrecy.

TLS Protocol

If you wish to enable/disable certain TLS versions, use the following parameter in
The example above, will only use TLS1.1 and TLS1.2


Some older browsers may not support newer ciphers or TLS versions. Therefore, you may end up locking legitimate users by tightening the ciphers too much.

Add a comment to this document

Do you have a helpful tip related to this document that you'd like to share with other users?

Important: This area is reserved for useful tips. Therefore, do not post any questions here. Instead, use our public forums to post questions.


Social Media

Powered by