Secure Cipher Suite

The Secure protocol and the Security mode affect which cipher suite is selectable during an SSL handshake. The order in which the SPAdmin tool presents the cipher suite is dependent on the Secure protocol and Security mode that is enabled. The table below illustrates which cipher suites are valid for each protocol and mode. The SPAdmin tool allows you to enable or select ten from the list. However, during the SSL handshake any selection that is not valid for the Secure protocol and Security mode selected are ignored. At least one cipher must be valid for the protocol and mode enabled in both the PNODE and SNODE list.

Cipher ID

Name

Deprecated

TLS 1.3

TLS 1.2

TLS 1.1

TLS 1.0

SSL 3.0

FIPS140-2 >= TLS1.0

SP800 - 131A TLS 1.2 Only

Suite B 128 TLS 1.2 Only

Suite B 192 TLS 1.2 Only

Kx

Au

Enc

Bits

Mac

Mac Bits

Mode Strength

0x01301 TLS_AES_128_GCM_SHA256  

X

                NULL NULL AES_128_GCM 128 SHA256 256 2
0x01302 TLS_AES_256_GCM_SHA384  

X

                NULL NULL AES_256_GCM 256 SHA384 384 2

0x0C02C

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

 

 

X

 

 

 

X

X

X

X

ECDHE

ECDSA

AES_256_GCM

256

SHA384

384

2

0x0C024

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

 

 

X

 

 

 

X

X

 

 

ECDHE

ECDSA

AES_256_CBC

256

SHA384

384

1

0x0C00A

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

 

 

X

 

 

 

X

X

 

 

ECDHE

ECDSA

AES_256_CBC

256

SHA

160

1

0x0C02B

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

 

 

X

 

 

 

X

X

X

 

ECDHE

ECDSA

AES_128_GCM

128

SHA256

256

2

0x0C023

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

 

 

X

 

 

 

X

X

 

 

ECDHE

ECDSA

AES_128_CBC

128

SHA256

256

1

0x0C009

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

 

 

X

 

 

 

X

X

 

 

ECDHE

ECDSA

AES_128_CBC

128

SHA

160

1

0x0C007

TLS_ECDHE_ECDSA_WITH_RC4_128_SHA

 

 

X

 

 

 

 

 

 

 

ECDHE

ECDSA

RC4_128

128

SHA

160

0

0x0C008

TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

 

 

X

 

 

 

X

X

 

 

ECDHE

ECDSA

3DES_EDE_CBC

168

SHA

160

1

0x0C006

TLS_ECDHE_ECDSA_WITH_NULL_SHA

 

 

X

 

 

 

 

 

 

 

ECDHE

ECDSA

NULL

0

SHA

160

0

0x0C030

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

 

 

X

 

 

 

X

X

 

 

ECDHE

RSA

AES_256_GCM

256

SHA384

384

2

0x0C028

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

 

 

X

 

 

 

X

X

 

 

ECDHE

RSA

AES_256_CBC

256

SHA384

384

1

0x0C014

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

 

 

X

 

 

 

X

X

 

 

ECDHE

RSA

AES_256_CBC

256

SHA

160

1

0x0C02F

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

 

 

X

 

 

 

X

X

 

 

ECDHE

RSA

AES_128_GCM

128

SHA256

256

2

0x0C027

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

 

 

X

 

 

 

X

X

 

 

ECDHE

RSA

AES_128_CBC

128

SHA256

256

1

0x0C013

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

 

 

X

 

 

 

X

X

 

 

ECDHE

RSA

AES_128_CBC

128

SHA

160

1

0x0C011

TLS_ECDHE_RSA_WITH_RC4_128_SHA

 

 

X

 

 

 

 

 

 

 

ECDHE

RSA

RC4_128

128

SHA

160

0

0x0C012

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

 

 

X

 

 

 

X

X

 

 

ECDHE

RSA

3DES_EDE_CBC

168

SHA

160

1

0x0C010

TLS_ECDHE_RSA_WITH_NULL_SHA

 

 

X

 

 

 

 

 

 

 

ECDHE

RSA

NULL

0

SHA

160

0

0x0009D

TLS_RSA_WITH_AES_256_GCM_SHA384

 

 

X

 

 

 

X

X

 

 

RSA

RSA

AES_256_GCM

256

SHA384

384

2

0x0003D

TLS_RSA_WITH_AES_256_CBC_SHA256

 

 

X

 

 

 

X

X

 

 

RSA

RSA

AES_256_CBC

256

SHA256

256

1

0x00035

TLS_RSA_WITH_AES_256_CBC_SHA

 

 

X

X

X

X

X

X

 

 

RSA

RSA

AES_256_CBC

256

SHA

160

1

0x0009C

TLS_RSA_WITH_AES_128_GCM_SHA256

 

 

X

 

 

 

X

X

 

 

RSA

RSA

AES_128_GCM

128

SHA256

256

2

0x0003C

TLS_RSA_WITH_AES_128_CBC_SHA256

 

 

X

 

 

 

X

X

 

 

RSA

RSA

AES_128_CBC

128

SHA256

256

1

0x0002F

TLS_RSA_WITH_AES_128_CBC_SHA

 

 

X

X

X

X

X

X

 

 

RSA

RSA

AES_128_CBC

128

SHA

160

1

0x00005

TLS_RSA_WITH_RC4_128_SHA

 

 

X

X

X

X

 

 

 

 

RSA

RSA

RC4_128

128

SHA

160

0

0x00004

TLS_RSA_WITH_RC4_128_MD5

 

 

 

X

X

X

 

 

 

 

RSA

RSA

RC4_128

128

MD5

128

0

0x0000A

TLS_RSA_WITH_3DES_EDE_CBC_SHA

 

 

X

X

X

X

X

X

 

 

RSA

RSA

3DES_EDE_CBC

168

SHA

160

1

0x00009

TLS_RSA_WITH_DES_CBC_SHA

 

 

 

X

X

X

 

 

 

 

RSA

RSA

DES_CBC

56

SHA

160

1

0x0003B

TLS_RSA_WITH_NULL_SHA256

 

 

X

 

 

 

 

 

 

 

RSA

RSA

NULL

0

SHA256

256

0

0x00002

TLS_RSA_WITH_NULL_SHA

 

 

X

X

X

X

 

 

 

 

RSA

RSA

NULL

0

SHA

160

0

0x00001

TLS_RSA_WITH_NULL_MD5

 

 

 

X

X

X

 

 

 

 

RSA

RSA

NULL

0

MD5

128

0

0x00000

TLS_RSA_WITH_NULL_NULL

 

 

X

X

X

X

 

 

 

 

RSA

NULL

NULL

0

NULL

0

0

0x00006

TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5

X

 

 

 

X

X

 

 

 

 

RSA_EXPORT

RSA_EXPORT

RC2_CBC_40

40

MD5

128

1

0x00003

TLS_RSA_EXPORT_WITH_RC4_40_MD5

X

 

 

 

X

X

 

 

 

 

RSA_EXPORT

RSA_EXPORT

RC4_40

40

MD5

128

0

0x00062

TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA

X

 

 

 

X

X

 

 

 

 

RSA_EXPORT 1024

RSA_EXPORT 1024

DES_CBC

56

SHA

160

1

0x00064

TLS_RSA_EXPORT1024_WITH_RC4_56_SHA

X

 

 

 

X

X

 

 

 

 

RSA_EXPORT 1024

RSA_EXPORT 1024

RC4_56

56

SHA

160

0