The following sections describe and show examples to common protocol-level TLS settings.
The cipher algorithms used for key exchange and mass symmetric encryption are specified by the cipher attribute of the class referred in the client_tls_options or server_tls_options of the Encryption policy. These attributes contain a cipher specification as specified by the OpenSSL manuals, see the manual page ciphers(ssl) for further details.
The default set of ciphers can be set by using the following predefined variables.
| Name | Value |
|---|---|
| TLS_CIPHERS_DEFAULT | n/a |
| TLS_CIPHERS_OLD | n/a |
| TLS_CIPHERS_CUSTOM | n/a |
Table 3.3. Constants for cipher selection
Cipher specifications as defined above are sorted by key length. The cipher providing the best key length will be the most preferred.
© 2021 BalaSys IT Security.
Send your comments to support@balasys.hu
