SSL Proxy list: cipher suite

Unanswered Question
May 3rd, 2007
User Badges:

In my proxy list I choose to use a cipher suite rsa-with-3des-ede-cbc-sha.

What if the client doesn't support this? Does it fallback to another? Is there a difference in performance rsa-with-3des-ede-cbc-sha VS rsa-with-rc4-128-sha? 168 bit encryption vs 128 bit encryption.

For the moment i'm using rsa-with-3des but when i browse to the site i get 128 bit SSL Secured.


Any help on this subject would be nice.


Kind regards,


Frederik De Muyter.

Kind regards.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Gilles Dufour Thu, 05/03/2007 - 03:40
User Badges:
  • Cisco Employee,

Frederik


You can configure multiple cipher and give them a weight so that if 3des is not available on the client another one will be used.

If you do not configure another one however, then the connection should be dropped.


Gilles.

Actions

This Discussion