Cipher suites
A cipher suite is a defined set of cryptographic algorithms used to establish a secure connection over HTTPS.
When accessing the Web GUI or performing secure communications with a tape library, cipher suites play a critical role in protecting data in transit.
Components of a Cipher Suite
Each cipher suite typically includes:
- Key Exchange Algorithm: Establishes a shared secret between client and server (e.g., ECDHE).
- Authentication Algorithm: Verifies the identity of the server (e.g., RSA or ECDSA).
- Encryption Algorithm: Encrypts the data being transmitted (e.g., AES-256-GCM).
- Message Authentication Code (MAC): Ensures data integrity (e.g., SHA-384).
Role in Secure Communication
Cipher suites are used during the TLS handshake to:
- Authenticate the server (and optionally the client).
- Securely exchange encryption keys.
- Encrypt the session data.
- Verify the integrity of messages.
The strength and method of encryption depend on the specific cipher suite selected during the handshake. Stronger suites offer better protection against modern threats.

Supported Cipher suites
The tape library uses a predefined set of cipher suites for HTTPS communication. Administrators cannot manually restrict or customize the number or types of cipher suites allowed. This ensures compatibility and simplifies configuration.
| Protocol version | Cipher suites |
|---|---|
| TLSv1.2 only |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |