The following sections describe and show examples to common protocol-level TLS settings.
The cipher algorithms used for key exchange and mass symmetric encryption are specified by the cipher attribute of the class referred in the client_tls_options or server_tls_options of the Encryption policy. These attributes contain a cipher specification as specified by the OpenSSL manuals, see the manual page ciphers(ssl) for further details.
The default set of ciphers can be set by using the following predefined variables.
| Name | Value |
|---|---|
| TLS_CIPHERS_DEFAULT | n/a |
| TLS_CIPHERS_OLD | n/a |
| TLS_CIPHERS_CUSTOM | n/a |
Table 3.3. Constants for cipher selection
Cipher specifications as defined above are sorted by key length. The cipher providing the best key length will be the most preferred.
Published on February 29, 2024
© BalaSys IT Ltd.
Send your comments to support@balasys.hu
