SSL commands
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features,
commands, and parameters might differ in FIPS mode and non-FIPS mode.
SSL server policy configuration commands
ciphersuite
Use ciphersuite to specify the cipher suites supported by an SSL server policy.
Use undo ciphersuite to restore the default.
Syntax
In non-FIPS mode:
ciphersuite { dhe_rsa_aes_128_cbc_sha | dhe_rsa_aes_256_cbc_sha | exp_rsa_des_cbc_sha |
exp_rsa_rc2_md5 | exp_rsa_rc4_md5 | rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha |
rsa_aes_256_cbc_sha | rsa_des_cbc_sha | rsa_rc4_128_md5 | rsa_rc4_128_sha } *
undo ciphersuite
In FIPS mode:
ciphersuite { dhe_rsa_aes_128_cbc_sha | dhe_rsa_aes_256_cbc_sha | rsa_aes_128_cbc_sha |
rsa_aes_256_cbc_sha } *
undo ciphersuite
Default
An SSL server policy supports all cipher suites.
Views
SSL server policy view
Predefined user roles
network-admin
Parameters
dhe_rsa_aes_128_cbc_sha: Specifies the key exchange algorithm DHE RSA, the data encryption
algorithm 128-bit AES, and the MAC algorithm SHA.
dhe_rsa_aes_256_cbc_sha: Specifies the key exchange algorithm DHE RSA, the data encryption
algorithm 256-bit AES, and the MAC algorithm SHA.
268
To Next Page
Loading...
Need help?
General
