![[AIX Solaris HP-UX Linux Windows]](../images/dist.gif)
![[z/OS]](../images/ngzos.gif)
SSL cipher specifications
When an SSL connection is established, the client (web browser) and the web server negotiate the cipher to use for the connection. The web server has an ordered list of ciphers, and the first cipher in the list that is supported by the client is selected.
Introduction
View the list of current of SSL ciphers.
Attention: This list of ciphers could change
as a result of updates to industry standards. You can determine the list of ciphers supported in a
particular version of IBM® HTTP Server by configuring it to
load mod_ibm_ssl and running bin/apachectl -t -f path/to/httpd.conf
-DDUMP_SSL_CIPHERS.
The SSLFIPSEnable directive enables Federal Information Processing Standards (FIPS). When the SSLFIPSEnable directive is enabled, the set of ciphers available is restricted as shown, and SSLv2 and SSLv3 are disabled as well as TLSv11 and TLSv12. Only TLSv10 is enabled for FIPS compliance.
Avoid trouble:
- Ciphers should be enabled via their "long name".
- Ciphers containing "ECDHE_RSA" in their name use a standard RSA certificate and can coexist with older RSA ciphers and clients.
- Ciphers containing "ECDHE_ECDSA" in their name requires an ECC (Elliptic Curve Cryptography) certificate/key to be created (with gskcapicmd if you are running on a distributed platform, or gskkyman if you are running on z/OS®).
On z/OS, several criteria must be met to use "ECDHE" ciphers:
- z/OS V1R13 with OA39422, or later, is required to use TLSv1.2 on z/OS.
- ICSF must be available to use ECC or AES-GCM ciphers. See
RACF® CSFSERV Resource Requirements
in the z/OS Cryptographic Services System SSL Programming for more information.
SSL and TLS ciphers
Attention: SSL and TLS cipher values:
- "- "= cipher that is not valid for the protocol
- "d" = cipher is enabled by default
- "y" = cipher is valid but not enabled by default
- "d*"= cipher is enabled by default on distributed platforms only
For transitioning users: To improve security, IBM HTTP Server Version 9.0 disables weak SSL ciphers, export SSL ciphers, and
the SSL Version 2 and Version 3 protocols by default. SSL Version 2, weak ciphers, and export
ciphers are generally unsuitable for production SSL workloads on the internet and are flagged by
security scanners. To enable ciphers, use the SSLCipherSpec directive.
Short name | Long name | Key size (bits) | FIPS | SSLV2 | SSLV3 | TLSv10 | TLSv11 | TLSv12 | TLSv13 |
---|---|---|---|---|---|---|---|---|---|
1301 | TLS_AES_128_GCM_SHA256 | 128 | Y | - | - | - | - | - |
|
1302 | TLS_AES_256_GCM_SHA384 | 256 | Y | - | - | - | - | - |
|
1303 | TLS_CHACHA20_POLY1305_SHA256 | 256 | - | - | - | - | - | - |
|
1304 | TLS_AES_128_CCM_SHA256 | 128 | Y | - | - | - | - | - |
|
1305 | TLS_AES_128_CCM_8_SHA256 | 128 | Y | - | - | - | - | - |
|
C030 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | 256 | Y | - | - | - | - | d* | |
C02F | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | 128 | Y | - | - | - | - | d* | |
C028 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | 256 | Y | - | - | - | - | d* | |
C027 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | 128 | Y | - | - | - | - | d* | |
C014 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | 256 | Y | - | - | - | - | d* | |
C013 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | 128 | Y | - | - | - | - | d* | |
9D | TLS_RSA_WITH_AES_256_GCM_SHA384 | 256 | Y | - | - | - | - | d | |
9C | TLS_RSA_WITH_AES_128_GCM_SHA256 | 128 | Y | - | - | - | - | d | |
3D | TLS_RSA_WITH_AES_256_CBC_SHA256 | 256 | Y | - | - | - | - | d | |
3C | TLS_RSA_WITH_AES_128_CBC_SHA256 | 128 | Y | - | - | - | - | d | |
35b | TLS_RSA_WITH_AES_256_CBC_SHA | 256 | Y | - | Y | d | d | d | |
2F | TLS_RSA_WITH_AES_128_CBC_SHA | 128 | Y | - | Y | d | d | d | |
C009 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA | 128 | Y | - | - | - | - | d* | |
C00A | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | 256 | Y | - | - | - | - | d* | |
C023 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | 128 | Y | - | - | - | - | d* | |
C024 | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | 256 | Y | - | - | - | - | d* | |
C02C | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | 256 | Y | - | - | - | - | d* | |
C02B | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | 128 | Y | - | - | - | - | d* |
Note: The
TLSv10
and TLSv11
protocols are not
enabled by default after IBM HTTP Server versions 9.0.5.9. and 8.5.5.20.Important: 3DES ciphers are disabled by default on IBM HTTP Server
versions 9.0.0.6 and later.
Weaker ciphers, not enabled by default:
Short name | Long name | Key size (bits) | FIPS | SSLV2 | SSLV3 | TLSv10 | TLSv11 | TLSv12 |
---|---|---|---|---|---|---|---|---|
C010 | TLS_ECDHE_RSA_WITH_NULL_SHA | 0 | Y | - | - | - | - | Y* |
C008 | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | 168 | Y | - | - | - | - | Y* |
C012 | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | 168 | Y | - | - | - | - | Y* |
3A | SSL_RSA_WITH_3DES_EDE_CBC_SHA | 168 | Y | - | Y | Y | Y | Y |
C007 | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA | 128 | Y | - | - | - | - | Y* |
C011 | TLS_ECDHE_RSA_WITH_RC4_128_SHA | 128 | Y | - | - | - | - | Y* |
35 | SSL_RSA_WITH_RC4_128_SHA | 128 | - | - | Y | Y | Y | Y |
34 | SSL_RSA_WITH_RC4_128_MD5 | 128 | - | - | Y | Y | Y | - |
39 | SSL_RSA_WITH_DES_CBC_SHA | 56 | - | - | y | y | y | - |
33 | SSL_RSA_EXPORT_WITH_RC4_40_MD5 | 40 | - | - | y | y | - | - |
36 | SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 | 40 | - | - | y | y | - | - |
62 | TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA | 56 | - | - | y | y | - | - |
64 | TLS_RSA_EXPORT1024_WITH_RC4_56_SHA | 56 | - | - | y | y | - | - |
32 | SSL_RSA_WITH_NULL_SHA | 0 | - | - | y | y | y | y |
31 | SSL_RSA_WITH_NULL_MD5 | 0 | - | - | y | y | y | - |
3B | TLS_RSA_WITH_NULL_SHA256 | 0 | Y | - | - | - | - | y |
30 | SSL_NULL_WITH_NULL_NULL | 0 | - | - | y | y | y | y |
27 | SSL_DES_192_EDE3_CBC_WITH_MD5 | 168 | - | y | - | - | - | - |
21 | SSL_RC4_128_WITH_MD5 | 128 | - | y | - | - | - | - |
23 | SSL_RC2_CBC_128_CBC_WITH_MD5 | 128 | - | y | - | - | - | - |
26 | SSL_DES_64_CBC_WITH_MD5 | 56 | - | y | - | - | - | - |
24 | SSL_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 | 40 | - | y | - | - | - | - |
22 | SSL_RC4_128_EXPORT40_WITH_MD5 | 40 | - | y | - | - | - | - |
FE | SSL_RSA_FIPS_WITH_DES_CBC_SHA | 56 | - | - | - | - | - | - |
FF | SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA | 168 | - | - | - | - | - | - |