SSL cipher specifications
When an SSL connection is established, the client (web browser) and the web server negotiate the cipher to use for the connection. The web server has an ordered list of ciphers, and the first cipher in the list that is supported by the client is selected.
Introduction
View the list of current of SSL ciphers.
Attention: This list of ciphers could change
as a result of updates to industry standards. You can determine the list of ciphers supported in a
particular version of IBM HTTP Server by configuring it to load mod_ibm_ssl and running
bin/apachectl -t -f path/to/httpd.conf -DDUMP_SSL_CIPHERS.
The SSLFIPSEnable directive enables Federal Information Processing Standards (FIPS). When the SSLFIPSEnable directive is enabled, the set of ciphers available is restricted as shown, and SSLv2 and SSLv3 are disabled as well as TLSv11 and TLSv12. Only TLSv10 is enabled for FIPS compliance.
Avoid trouble:
- Ciphers containing "ECDHE_RSA" in their name use a standard RSA certificate and can coexist with older RSA ciphers and clients.
- Ciphers containing "ECDHE_ECDSA" in their name requires an ECC (Elliptic Curve Cryptography) certificate/key to be created (with gskcapicmd if you are running on a distributed platform, or gskkyman if you are running on z/OS).
- On z/OS, several criteria must be met to use "ECDHE" ciphers:
- ICSF must be available to use ECC or AES-GCM ciphers. See RACF CSFSERV Resource Requirements in the z/OS Cryptographic Services System SSL Programming for more information.
- Ciphers containing "ECDHE" or "GCM" in their name must be explicitly enabled and should be enabled via their "long name". These ciphers will fail at runtime if the RACF CSFSERV Resource Requirements are not met.
SSL and TLS ciphers
Attention: SSL and TLS cipher values:
- "-" = cipher that is not valid for the protocol
- "d" = cipher is enabled by default
- "d*"= cipher is enabled by default on distributed platforms only
- "y" = cipher is valid but not enabled by default
- "y*" = In prior maintenance levels, cipher was enabled by default
("d" or "d*").
- cipher is valid but not enabled by default.
- cipher is valid and enabled by default.
For transitioning users: To improve security, IBM HTTP Server Version 8.0 disables weak SSL ciphers,
export SSL ciphers, and the SSL version 2 protocol by default. SSL Version 2, weak ciphers, and
export ciphers are generally unsuitable for production SSL workloads on the internet and are flagged
by security scanners. To enable ciphers, use the SSLCipherSpec directive.
Short name | Long name | Key size (bits) | FIPS | SSLV2 | SSLV3 | TLSv10 | TLSv11 | TLSv12 |
---|---|---|---|---|---|---|---|---|
C030 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | 256 | y | - | - | - | - | d* |
C02F | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | 128 | y | - | - | - | - | d* |
C028 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | 256 | y | - | - | - | - | d* |
C027 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | 128 | y | - | - | - | - | d* |
C014 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | 256 | y | - | - | - | - | d* |
C013 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | 128 | y | - | - | - | - | d* |
9D | TLS_RSA_WITH_AES_256_GCM_SHA384 | 256 | y | - | - | - | - | y* |
9C | TLS_RSA_WITH_AES_128_GCM_SHA256 | 128 | y | - | - | - | - | y* |
3D | TLS_RSA_WITH_AES_256_CBC_SHA256 | 256 | y | - | - | - | - | y* |
3C | TLS_RSA_WITH_AES_128_CBC_SHA256 | 128 | y | - | - | - | - | y* |
35b | TLS_RSA_WITH_AES_256_CBC_SHA | 256 | y | - | y | y* | y* | y* |
2F | TLS_RSA_WITH_AES_128_CBC_SHA | 128 | y | - | y | y* | y* | y* |
C023 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | 128 | y | - | - | - | - | d* |
C024 | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | 256 | y | - | - | - | - | d* |
C009 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA | 128 | y | - | - | - | - | d* |
C00A | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | 256 | y | - | - | - | - | d* |
C02B | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | 128 | y | - | - | - | - | d* |
C02C | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | 256 | y | - | - | - | - | d* |
Note: The
TLSv10
and TLSv11
protocols are not enabled
by default after IBM HTTP Server versions 9.0.5.9. and 8.5.5.20.Note: 3DES ciphers are disabled by default on IBM HTTP Server version
8.5.5.13 and later.
Attention: * indicates that SSLv3 is disabled by default in version 8.5.5.4 and later
with PI27904.
Attention: ** indicates that the ECDHE cipher is enabled by default for
TLSv1.2 in versions 8.5.5.12 and 8.0.0.14 and after.
Weaker ciphers, not enabled by default:
Short name | Long name | Key size (bits) | FIPS | SSLV2 | SSLV3 | TLSv10 | TLSv11 | TLSv12 |
---|---|---|---|---|---|---|---|---|
C010 | TLS_ECDHE_RSA_WITH_NULL_SHA | 0 | y | - | - | - | - | y |
C008 | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | 168 | y | - | - | - | - | y |
C012 | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | 168 | y | - | - | - | - | y |
3A | SSL_RSA_WITH_3DES_EDE_CBC_SHA | 168 | y | - | y | y | y | y |
C007 | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA | 128 | y | - | - | - | - | y |
C011 | TLS_ECDHE_RSA_WITH_RC4_128_SHA | 128 | y | - | - | - | - | y |
35 | SSL_RSA_WITH_RC4_128_SHA | 128 | - | - | y | y | y | y |
34 | SSL_RSA_WITH_RC4_128_MD5 | 128 | - | - | y | y | y | - |
39 | SSL_RSA_WITH_DES_CBC_SHA | 56 | - | - | y | y | y | - |
33 | SSL_RSA_EXPORT_WITH_RC4_40_MD5 | 40 | - | - | y | y | - | - |
36 | SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 | 40 | - | - | y | y | - | - |
62 | TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA | 56 | - | - | y | y | - | - |
64 | TLS_RSA_EXPORT1024_WITH_RC4_56_SHA | 56 | - | - | y | y | - | - |
32 | SSL_RSA_WITH_NULL_SHA | 0 | - | - | y | y | y | y |
31 | SSL_RSA_WITH_NULL_MD5 | 0 | - | - | y | y | y | - |
3B | TLS_RSA_WITH_NULL_SHA256 | 0 | y | - | - | - | - | y |
30 | SSL_NULL_WITH_NULL_NULL | 0 | - | - | y | y | y | y |
27 | SSL_DES_192_EDE3_CBC_WITH_MD5 | 168 | - | y | - | - | - | - |
21 | SSL_RC4_128_WITH_MD5 | 128 | - | y | - | - | - | - |
23 | SSL_RC2_CBC_128_CBC_WITH_MD5 | 128 | - | y | - | - | - | - |
26 | SSL_DES_64_CBC_WITH_MD5 | 56 | - | y | - | - | - | - |
24 | SSL_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 | 40 | - | y | - | - | - | - |
22 | SSL_RC4_128_EXPORT40_WITH_MD5 | 40 | - | y | - | - | - | - |
FE | SSL_RSA_FIPS_WITH_DES_CBC_SHA | 56 | - | - | - | - | - | - |
FF | SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA | 168 | - | - | - | - | - | - |