This command specifies the list of signature algorithms that the TLS server profile
advertises and supports.
Parameters
- algorithm
- Specifies the name of a signature algorithm. The algorithms in the following table are supported
by the TLS profile.
-
Table 1. Supported signature
algorithms
| Algorithm |
Is default value |
ecdsa_secp256r1_sha256 |
Yes |
ecdsa_secp384r1_sha384 |
Yes |
ecdsa_secp521r1_sha512 |
Yes |
ed25519 |
Yes |
ed448 |
Yes |
ecdsa_sha224 |
Yes |
ecdsa_sha1 |
Yes |
rsa_pss_rsae_sha256 |
Yes |
rsa_pss_rsae_sha384 |
Yes |
rsa_pss_rsae_sha512 |
Yes |
rsa_pss_pss_sha256 |
Yes |
rsa_pss_pss_sha384 |
Yes |
rsa_pss_rsae_sha512 |
Yes |
rsa_pss_pss_sha256 |
Yes |
rsa_pss_pss_sha384 |
Yes |
rsa_pss_pss_sha512 |
Yes |
rsa_pkcs1_sha256 |
Yes |
rsa_pkcs1_sha384 |
Yes |
rsa_pkcs1_sha512 |
Yes |
rsa_pkcs1_sha224 |
Yes |
rsa_pkcs1_sha1 |
Yes |
dsa_sha256 |
Yes |
dsa_sha384 |
Yes |
dsa_sha512 |
Yes |
dsa_sha224 |
Yes |
dsa_sha1 |
Yes |
Guidelines
The sign-alg command specifies the list of signature algorithms that the TLS
server profile advertises and supports.
To specify multiple algorithms, run this command for each algorithm. An empty list implies the
use of all of the default algorithms.