NSA Suite B 192bit Mode
- Certificates must be ECC using elliptic curve secp384r1
- Protocol must be TLSV1.2, all others are disabled
- Cipher algorithm must be AES-256
- Key exchange algorithm must be ECDH
- Digital signature algorithm must be ECDSA
- Hashing algorithm must be SHA384
- Cipher suites allowed for NSA Suite B 192 bit are
- TLS_ECDHE_ECDSA_W_AES_256_CBC_SHA384 (C024)
- TLS_ECDHE_ECDSA_W_AES_256_GCM_SHA384 (C02C)