RSA:!aNULL:!eNULL
supports those cipher suites using RSA authentication, but excludes those cipher suites offering no encryption
and authentication.
A valid cipher list must follow the format defined at https://www.openssl.org/docs/man1.0.2/man1/
ciphers.html. Your phone doesn't support all the cipher strings listed on the OpenSSL web page.
For the supported strings, see Supported Cipher Strings, on page 130.
Note
The system regards an invalid value as a blank value. With a blank or an invalid value in the TLS Cipher
List field, the cipher suites used vary with applications. See the following list for the suites that the applications
use when this field is with a blank or an invalid value.
• Web Server (HTTPS) applications use the following cipher suites:
• ECDHE-RSA-AES256-GCM-SHA384
• ECDHE-RSA-AES128-GCM-SHA256
• AES256-SHA
• AES128-SHA
• DES-CBC3-SHA
• SIP, TR-069, and other applications using the curl library use the DEFAULT cipher list, which is
determined at compilation.
• XMPP uses the cipher list HIGH:MEDIUM:AES:@STRENGTH.
Step 3 Click Submit All Changes.
Supported Cipher Strings
The supported cipher strings listed following is based on the OpenSSL 1.0.2l standards.
Table 12: Supported Cipher Strings (OpenSSL 1.0.2l)
StringsStringsStrings
ADHaDSS, DSSDEFAULT
DHaECDSA, ECDSACOMPLEMENTOFDEFAULT
kECDHE, EECDHAES128, AES256, AESALL
ECDHCAMELLIA128, CAMELLIA256,
CAMELLIA
COMPLEMENTOFALL
aRSASEEDMEDIUM
aDHkDHr,kDHd, kDHeNULL, NULL
TLSv1.2, TLSv1, SSLv3kDHE, kEDHaNULL
Cisco IP Phone 8800 Series Multiplatform Phone Administration Guide for Release 11.3(1) and Later
130
Cisco IP Phone Configuration
Supported Cipher Strings
To Next Page
Loading...
Need help?
General
