ssl-v3-cipher-specs

ssl-v3-cipher-specs

This stanza entry defines the Secure Sockets Layer (SSL), Version 3, ciphers.

ssl-v3-cipher-specs = configuration string

To specify the ciphers for SSL Version 3, modify the ssl-v3-cipher-specs parameter value in the appropriate configuration file. We can specify one or more ciphers. Enter multiple ciphers in a comma-separated list.
Any SSL Version 3 connection to an ISAM server or service is limited to the set of ciphers defined in the ssl-v3-cipher-specs parameter.
Options

configuration string

Allowed SSLV30 CipherSpecs:

TLS_RSA_WITH_NULL_NULL, TLS_RSA_WITH_NULL_MD5, TLS_RSA_WITH_NULL_SHA, TLS_RSA_EXPORT_WITH_RC4_40_MD5, TLS_RSA_WITH_RC4_128_MD5, TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, TLS_RSA_WITH_DES_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA (Deprecated), TLS_RSA_EXPORT1024_WITH_RC4_56_SHA (Deprecated), SSL_RSA_FIPS_WITH_DES_CBC_SHA (Deprecated), SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (Deprecated), TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA

FIPS and NIST SP800-131a allowed SSLV30 CipherSpecs:

None

Usage

Optional.
Default value

Default SSLV30 CipherSpecs:

TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_RC4_128_MD5, TLS_RSA_WITH_DES_CBC_SHA, TLS_RSA_EXPORT_WITH_RC4_40_MD5, TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, TLS_RSA_WITH_NULL_SHA, TLS_RSA_WITH_NULL_MD5

Example

ssl-v3-cipher-specs = TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA

Parent topic: [ssl] stanza