R3721-F3210-F3171-HP High-End Firewalls Network Management Command Reference-6PW101
992
SSL configuration commands
IMPORTANT:
The FIPS mode is available only for the firewall modules. For more information about FIPS, see
Access
Control Configuration Guide
.
ciphersuite
Syntax
In non-FIPS mode:
ciphersuite [ dhe_rsa_aes_128_cbc_sha | dhe_rsa_aes_256_cbc_sha | rsa_3des_ede_cbc_sha |
rsa_aes_128_cbc_sha | rsa_aes_256_cbc_sha | rsa_des_cbc_sha | rsa_rc4_128_md5 |
rsa_rc4_128_sha ] *
In FIPS mode:
ciphersuite [ dhe_rsa_aes_128_cbc_sha | dhe_rsa_aes_256_cbc_sha | rsa_aes_128_cbc_sha |
rsa_aes_256_cbc_sha ] *
View
SSL server policy view
Default level
2: System level
Parameters
dhe_rsa_aes_128_cbc_sha: Specifies the key exchange algorithm of DH_RSA, the data encryption
algorithm of 128-bit AES_CBC, and the MAC algorithm of SHA.
dhe_rsa_aes_256_cbc_sha: Specifies the key exchange algorithm of DH_RSA, the data encryption
algorithm of 256-bit AES_CBC, and the MAC algorithm of SHA.
rsa_3des_ede_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
3DES_EDE_CBC, and the MAC algorithm of SHA.
rsa_aes_128_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
128-bit AES_CBC, and the MAC algorithm of SHA.
rsa_aes_256_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
256-bit AES_CBC, and the MAC algorithm of SHA.
rsa_des_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
DES_CBC, and the MAC algorithm of SHA.
rsa_rc4_128_md5: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
128-bit RC4, and the MAC algorithm of MD5.
rsa_rc4_128_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of 128-bit
RC4, and the MAC algorithm of SHA.
The following matrix shows the keyword and firewall compatibility: