diff --git a/cfg/1.11-json/node.yaml b/cfg/1.11-json/node.yaml
index 5ea7de245c5e750f7a03ad1fa121d8c32de270b6..68d8e2de89515c67664ed06a18c7b79c5d232172 100644
--- a/cfg/1.11-json/node.yaml
+++ b/cfg/1.11-json/node.yaml
@@ -314,7 +314,7 @@ groups:
test_items:
- path: "{.tlsCipherSuites}"
compare:
- op: eq
+ op: valid_elements
value: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256"
set: true
remediation: |
diff --git a/cfg/1.11/node.yaml b/cfg/1.11/node.yaml
index a092c79899c186017fafc9efde011491ac8d2f22..96098d1d3dec9dfb7cb96fb35876ba8a72c4414a 100644
--- a/cfg/1.11/node.yaml
+++ b/cfg/1.11/node.yaml
@@ -311,7 +311,7 @@ groups:
test_items:
- flag: "--tls-cipher-suites"
compare:
- op: eq
+ op: valid_elements
value: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256"
set: true
remediation: |
diff --git a/cfg/1.13/node.yaml b/cfg/1.13/node.yaml
index c924fddc568139a2b08b3a72ef6b71039dc7f341..cb288e5ce61a55153078853bc0b0c06a43f6f9ce 100644
--- a/cfg/1.13/node.yaml
+++ b/cfg/1.13/node.yaml
@@ -293,7 +293,7 @@ groups:
test_items:
- flag: "--tls-cipher-suites"
compare:
- op: eq
+ op: valid_elements
value: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256"
set: true
remediation: |