08-13-2009 07:22 AM
Does anyone know if the CSS11503 can support 256 bit SSL termination?
Solved! Go to Solution.
08-14-2009 12:56 AM
switch/Admin(config-parammap-ssl)# cipher ?
RSA_EXPORT1024_WITH_DES_CBC_SHA Accept RSA_EXPORT1024_WITH_DES_CBC_SHA cipher
RSA_EXPORT1024_WITH_RC4_56_MD5 Accept RSA_EXPORT1024_WITH_RC4_56_MD5 cipher
RSA_EXPORT1024_WITH_RC4_56_SHA Accept RSA_EXPORT1024_WITH_RC4_56_SHA cipher
RSA_EXPORT_WITH_DES40_CBC_SHA Accept RSA_EXPORT_WITH_DES40_CBC_SHA cipher
RSA_EXPORT_WITH_RC4_40_MD5 Accept RSA_EXPORT_WITH_RC4_40_MD5 cipher
RSA_WITH_3DES_EDE_CBC_SHA Accept RSA_WITH_3DES_EDE_CBC_SHA cipher
RSA_WITH_AES_128_CBC_SHA Accept RSA_WITH_AES_128_CBC_SHA cipher
RSA_WITH_AES_256_CBC_SHA Accept RSA_WITH_AES_256_CBC_SHA cipher
RSA_WITH_DES_CBC_SHA Accept RSA_WITH_DES_CBC_SHA cipher
RSA_WITH_RC4_128_MD5 Accept RSA_WITH_RC4_128_MD5 cipher
RSA_WITH_RC4_128_SHA Accept RSA_WITH_RC4_128_SHA cipher
The following 256 bits cipher is already supported :
RSA_WITH_AES_256_CBC_SHA
Gilles.
08-14-2009 12:12 AM
We only support the following ciphers and there is no more development on the CSS.
So don't expect new ones to be added.
CSS11503-2(config-ssl-proxy-list[gdufour])# ssl-server 1 cipher ?
all-cipher-suites
dhe-dss-export1024-with-rc4-56-sha
rsa-export1024-with-rc4-56-sha
dhe-dss-export1024-with-des-cbc-sha
rsa-export1024-with-des-cbc-sha
dh-anon-export-with-des40-cbc-sha
dh-anon-export-with-rc4-40-md5
dhe-rsa-export-with-des40-cbc-sha
dhe-dss-export-with-des40-cbc-sha
rsa-export-with-des40-cbc-sha
rsa-export-with-rc4-40-md5
dhe-dss-with-rc4-128-sha
dh-anon-with-3des-ede-cbc-sha
dh-anon-with-des-cbc-sha
dh-anon-with-rc4-128-md5
dhe-rsa-with-3des-ede-cbc-sha
dhe-rsa-with-des-cbc-sha
dhe-dss-with-3des-ede-cbc-sha
dhe-dss-with-des-cbc-sha
rsa-with-3des-ede-cbc-sha
rsa-with-des-cbc-sha
rsa-with-rc4-128-sha
rsa-with-rc4-128-md5
08-14-2009 12:50 AM
Many thanks for the reply Gilles.
Is 256 bit supported on ACE, or will it be on the roadmap?
08-14-2009 12:56 AM
switch/Admin(config-parammap-ssl)# cipher ?
RSA_EXPORT1024_WITH_DES_CBC_SHA Accept RSA_EXPORT1024_WITH_DES_CBC_SHA cipher
RSA_EXPORT1024_WITH_RC4_56_MD5 Accept RSA_EXPORT1024_WITH_RC4_56_MD5 cipher
RSA_EXPORT1024_WITH_RC4_56_SHA Accept RSA_EXPORT1024_WITH_RC4_56_SHA cipher
RSA_EXPORT_WITH_DES40_CBC_SHA Accept RSA_EXPORT_WITH_DES40_CBC_SHA cipher
RSA_EXPORT_WITH_RC4_40_MD5 Accept RSA_EXPORT_WITH_RC4_40_MD5 cipher
RSA_WITH_3DES_EDE_CBC_SHA Accept RSA_WITH_3DES_EDE_CBC_SHA cipher
RSA_WITH_AES_128_CBC_SHA Accept RSA_WITH_AES_128_CBC_SHA cipher
RSA_WITH_AES_256_CBC_SHA Accept RSA_WITH_AES_256_CBC_SHA cipher
RSA_WITH_DES_CBC_SHA Accept RSA_WITH_DES_CBC_SHA cipher
RSA_WITH_RC4_128_MD5 Accept RSA_WITH_RC4_128_MD5 cipher
RSA_WITH_RC4_128_SHA Accept RSA_WITH_RC4_128_SHA cipher
The following 256 bits cipher is already supported :
RSA_WITH_AES_256_CBC_SHA
Gilles.
08-14-2009 12:59 AM
Excellent news.
Thanks for the prompt response.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide