08-13-2009 07:22 AM
Does anyone know if the CSS11503 can support 256 bit SSL termination?
Solved! Go to Solution.
08-14-2009 12:56 AM
switch/Admin(config-parammap-ssl)# cipher ?
RSA_EXPORT1024_WITH_DES_CBC_SHA Accept RSA_EXPORT1024_WITH_DES_CBC_SHA cipher
RSA_EXPORT1024_WITH_RC4_56_MD5 Accept RSA_EXPORT1024_WITH_RC4_56_MD5 cipher
RSA_EXPORT1024_WITH_RC4_56_SHA Accept RSA_EXPORT1024_WITH_RC4_56_SHA cipher
RSA_EXPORT_WITH_DES40_CBC_SHA Accept RSA_EXPORT_WITH_DES40_CBC_SHA cipher
RSA_EXPORT_WITH_RC4_40_MD5 Accept RSA_EXPORT_WITH_RC4_40_MD5 cipher
RSA_WITH_3DES_EDE_CBC_SHA Accept RSA_WITH_3DES_EDE_CBC_SHA cipher
RSA_WITH_AES_128_CBC_SHA Accept RSA_WITH_AES_128_CBC_SHA cipher
RSA_WITH_AES_256_CBC_SHA Accept RSA_WITH_AES_256_CBC_SHA cipher
RSA_WITH_DES_CBC_SHA Accept RSA_WITH_DES_CBC_SHA cipher
RSA_WITH_RC4_128_MD5 Accept RSA_WITH_RC4_128_MD5 cipher
RSA_WITH_RC4_128_SHA Accept RSA_WITH_RC4_128_SHA cipher
The following 256 bits cipher is already supported :
RSA_WITH_AES_256_CBC_SHA
Gilles.
08-14-2009 12:12 AM
We only support the following ciphers and there is no more development on the CSS.
So don't expect new ones to be added.
CSS11503-2(config-ssl-proxy-list[gdufour])# ssl-server 1 cipher ?
all-cipher-suites
dhe-dss-export1024-with-rc4-56-sha
rsa-export1024-with-rc4-56-sha
dhe-dss-export1024-with-des-cbc-sha
rsa-export1024-with-des-cbc-sha
dh-anon-export-with-des40-cbc-sha
dh-anon-export-with-rc4-40-md5
dhe-rsa-export-with-des40-cbc-sha
dhe-dss-export-with-des40-cbc-sha
rsa-export-with-des40-cbc-sha
rsa-export-with-rc4-40-md5
dhe-dss-with-rc4-128-sha
dh-anon-with-3des-ede-cbc-sha
dh-anon-with-des-cbc-sha
dh-anon-with-rc4-128-md5
dhe-rsa-with-3des-ede-cbc-sha
dhe-rsa-with-des-cbc-sha
dhe-dss-with-3des-ede-cbc-sha
dhe-dss-with-des-cbc-sha
rsa-with-3des-ede-cbc-sha
rsa-with-des-cbc-sha
rsa-with-rc4-128-sha
rsa-with-rc4-128-md5
08-14-2009 12:50 AM
Many thanks for the reply Gilles.
Is 256 bit supported on ACE, or will it be on the roadmap?
08-14-2009 12:56 AM
switch/Admin(config-parammap-ssl)# cipher ?
RSA_EXPORT1024_WITH_DES_CBC_SHA Accept RSA_EXPORT1024_WITH_DES_CBC_SHA cipher
RSA_EXPORT1024_WITH_RC4_56_MD5 Accept RSA_EXPORT1024_WITH_RC4_56_MD5 cipher
RSA_EXPORT1024_WITH_RC4_56_SHA Accept RSA_EXPORT1024_WITH_RC4_56_SHA cipher
RSA_EXPORT_WITH_DES40_CBC_SHA Accept RSA_EXPORT_WITH_DES40_CBC_SHA cipher
RSA_EXPORT_WITH_RC4_40_MD5 Accept RSA_EXPORT_WITH_RC4_40_MD5 cipher
RSA_WITH_3DES_EDE_CBC_SHA Accept RSA_WITH_3DES_EDE_CBC_SHA cipher
RSA_WITH_AES_128_CBC_SHA Accept RSA_WITH_AES_128_CBC_SHA cipher
RSA_WITH_AES_256_CBC_SHA Accept RSA_WITH_AES_256_CBC_SHA cipher
RSA_WITH_DES_CBC_SHA Accept RSA_WITH_DES_CBC_SHA cipher
RSA_WITH_RC4_128_MD5 Accept RSA_WITH_RC4_128_MD5 cipher
RSA_WITH_RC4_128_SHA Accept RSA_WITH_RC4_128_SHA cipher
The following 256 bits cipher is already supported :
RSA_WITH_AES_256_CBC_SHA
Gilles.
08-14-2009 12:59 AM
Excellent news.
Thanks for the prompt response.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: