Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
646
Views
0
Helpful
4
Replies

CSS 11503 SSL termination and 256 bit support

Go to solution
russ
Level 1
Level 1

‎08-13-2009 07:22 AM

Does anyone know if the CSS11503 can support 256 bit SSL termination?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee
In response to russ

‎08-14-2009 12:56 AM

switch/Admin(config-parammap-ssl)# cipher ?

RSA_EXPORT1024_WITH_DES_CBC_SHA Accept RSA_EXPORT1024_WITH_DES_CBC_SHA cipher

RSA_EXPORT1024_WITH_RC4_56_MD5 Accept RSA_EXPORT1024_WITH_RC4_56_MD5 cipher

RSA_EXPORT1024_WITH_RC4_56_SHA Accept RSA_EXPORT1024_WITH_RC4_56_SHA cipher

RSA_EXPORT_WITH_DES40_CBC_SHA Accept RSA_EXPORT_WITH_DES40_CBC_SHA cipher

RSA_EXPORT_WITH_RC4_40_MD5 Accept RSA_EXPORT_WITH_RC4_40_MD5 cipher

RSA_WITH_3DES_EDE_CBC_SHA Accept RSA_WITH_3DES_EDE_CBC_SHA cipher

RSA_WITH_AES_128_CBC_SHA Accept RSA_WITH_AES_128_CBC_SHA cipher

RSA_WITH_AES_256_CBC_SHA Accept RSA_WITH_AES_256_CBC_SHA cipher

RSA_WITH_DES_CBC_SHA Accept RSA_WITH_DES_CBC_SHA cipher

RSA_WITH_RC4_128_MD5 Accept RSA_WITH_RC4_128_MD5 cipher

RSA_WITH_RC4_128_SHA Accept RSA_WITH_RC4_128_SHA cipher

The following 256 bits cipher is already supported :

RSA_WITH_AES_256_CBC_SHA

Gilles.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee

‎08-14-2009 12:12 AM

We only support the following ciphers and there is no more development on the CSS.

So don't expect new ones to be added.

CSS11503-2(config-ssl-proxy-list[gdufour])# ssl-server 1 cipher ?

all-cipher-suites

dhe-dss-export1024-with-rc4-56-sha

rsa-export1024-with-rc4-56-sha

dhe-dss-export1024-with-des-cbc-sha

rsa-export1024-with-des-cbc-sha

dh-anon-export-with-des40-cbc-sha

dh-anon-export-with-rc4-40-md5

dhe-rsa-export-with-des40-cbc-sha

dhe-dss-export-with-des40-cbc-sha

rsa-export-with-des40-cbc-sha

rsa-export-with-rc4-40-md5

dhe-dss-with-rc4-128-sha

dh-anon-with-3des-ede-cbc-sha

dh-anon-with-des-cbc-sha

dh-anon-with-rc4-128-md5

dhe-rsa-with-3des-ede-cbc-sha

dhe-rsa-with-des-cbc-sha

dhe-dss-with-3des-ede-cbc-sha

dhe-dss-with-des-cbc-sha

rsa-with-3des-ede-cbc-sha

rsa-with-des-cbc-sha

rsa-with-rc4-128-sha

rsa-with-rc4-128-md5

0 Helpful

Go to solution
russ
Level 1
Level 1
In response to Gilles Dufour

‎08-14-2009 12:50 AM

Many thanks for the reply Gilles.

Is 256 bit supported on ACE, or will it be on the roadmap?

0 Helpful

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee
In response to russ

‎08-14-2009 12:56 AM

switch/Admin(config-parammap-ssl)# cipher ?

RSA_EXPORT1024_WITH_DES_CBC_SHA Accept RSA_EXPORT1024_WITH_DES_CBC_SHA cipher

RSA_EXPORT1024_WITH_RC4_56_MD5 Accept RSA_EXPORT1024_WITH_RC4_56_MD5 cipher

RSA_EXPORT1024_WITH_RC4_56_SHA Accept RSA_EXPORT1024_WITH_RC4_56_SHA cipher

RSA_EXPORT_WITH_DES40_CBC_SHA Accept RSA_EXPORT_WITH_DES40_CBC_SHA cipher

RSA_EXPORT_WITH_RC4_40_MD5 Accept RSA_EXPORT_WITH_RC4_40_MD5 cipher

RSA_WITH_3DES_EDE_CBC_SHA Accept RSA_WITH_3DES_EDE_CBC_SHA cipher

RSA_WITH_AES_128_CBC_SHA Accept RSA_WITH_AES_128_CBC_SHA cipher

RSA_WITH_AES_256_CBC_SHA Accept RSA_WITH_AES_256_CBC_SHA cipher

RSA_WITH_DES_CBC_SHA Accept RSA_WITH_DES_CBC_SHA cipher

RSA_WITH_RC4_128_MD5 Accept RSA_WITH_RC4_128_MD5 cipher

RSA_WITH_RC4_128_SHA Accept RSA_WITH_RC4_128_SHA cipher

The following 256 bits cipher is already supported :

RSA_WITH_AES_256_CBC_SHA

Gilles.

0 Helpful

Go to solution
russ
Level 1
Level 1
In response to Gilles Dufour

‎08-14-2009 12:59 AM

Excellent news.

Thanks for the prompt response.

0 Helpful
Customers Also Viewed These Support Documents