Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSS 11503 SSL termination and 256 bit support

Does anyone know if the CSS11503 can support 256 bit SSL termination?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: CSS 11503 SSL termination and 256 bit support

switch/Admin(config-parammap-ssl)# cipher ?

RSA_EXPORT1024_WITH_DES_CBC_SHA Accept RSA_EXPORT1024_WITH_DES_CBC_SHA cipher

RSA_EXPORT1024_WITH_RC4_56_MD5 Accept RSA_EXPORT1024_WITH_RC4_56_MD5 cipher

RSA_EXPORT1024_WITH_RC4_56_SHA Accept RSA_EXPORT1024_WITH_RC4_56_SHA cipher

RSA_EXPORT_WITH_DES40_CBC_SHA Accept RSA_EXPORT_WITH_DES40_CBC_SHA cipher

RSA_EXPORT_WITH_RC4_40_MD5 Accept RSA_EXPORT_WITH_RC4_40_MD5 cipher

RSA_WITH_3DES_EDE_CBC_SHA Accept RSA_WITH_3DES_EDE_CBC_SHA cipher

RSA_WITH_AES_128_CBC_SHA Accept RSA_WITH_AES_128_CBC_SHA cipher

RSA_WITH_AES_256_CBC_SHA Accept RSA_WITH_AES_256_CBC_SHA cipher

RSA_WITH_DES_CBC_SHA Accept RSA_WITH_DES_CBC_SHA cipher

RSA_WITH_RC4_128_MD5 Accept RSA_WITH_RC4_128_MD5 cipher

RSA_WITH_RC4_128_SHA Accept RSA_WITH_RC4_128_SHA cipher

The following 256 bits cipher is already supported :

RSA_WITH_AES_256_CBC_SHA

Gilles.

4 REPLIES
Cisco Employee

Re: CSS 11503 SSL termination and 256 bit support

We only support the following ciphers and there is no more development on the CSS.

So don't expect new ones to be added.

CSS11503-2(config-ssl-proxy-list[gdufour])# ssl-server 1 cipher ?

all-cipher-suites

dhe-dss-export1024-with-rc4-56-sha

rsa-export1024-with-rc4-56-sha

dhe-dss-export1024-with-des-cbc-sha

rsa-export1024-with-des-cbc-sha

dh-anon-export-with-des40-cbc-sha

dh-anon-export-with-rc4-40-md5

dhe-rsa-export-with-des40-cbc-sha

dhe-dss-export-with-des40-cbc-sha

rsa-export-with-des40-cbc-sha

rsa-export-with-rc4-40-md5

dhe-dss-with-rc4-128-sha

dh-anon-with-3des-ede-cbc-sha

dh-anon-with-des-cbc-sha

dh-anon-with-rc4-128-md5

dhe-rsa-with-3des-ede-cbc-sha

dhe-rsa-with-des-cbc-sha

dhe-dss-with-3des-ede-cbc-sha

dhe-dss-with-des-cbc-sha

rsa-with-3des-ede-cbc-sha

rsa-with-des-cbc-sha

rsa-with-rc4-128-sha

rsa-with-rc4-128-md5

New Member

Re: CSS 11503 SSL termination and 256 bit support

Many thanks for the reply Gilles.

Is 256 bit supported on ACE, or will it be on the roadmap?

Cisco Employee

Re: CSS 11503 SSL termination and 256 bit support

switch/Admin(config-parammap-ssl)# cipher ?

RSA_EXPORT1024_WITH_DES_CBC_SHA Accept RSA_EXPORT1024_WITH_DES_CBC_SHA cipher

RSA_EXPORT1024_WITH_RC4_56_MD5 Accept RSA_EXPORT1024_WITH_RC4_56_MD5 cipher

RSA_EXPORT1024_WITH_RC4_56_SHA Accept RSA_EXPORT1024_WITH_RC4_56_SHA cipher

RSA_EXPORT_WITH_DES40_CBC_SHA Accept RSA_EXPORT_WITH_DES40_CBC_SHA cipher

RSA_EXPORT_WITH_RC4_40_MD5 Accept RSA_EXPORT_WITH_RC4_40_MD5 cipher

RSA_WITH_3DES_EDE_CBC_SHA Accept RSA_WITH_3DES_EDE_CBC_SHA cipher

RSA_WITH_AES_128_CBC_SHA Accept RSA_WITH_AES_128_CBC_SHA cipher

RSA_WITH_AES_256_CBC_SHA Accept RSA_WITH_AES_256_CBC_SHA cipher

RSA_WITH_DES_CBC_SHA Accept RSA_WITH_DES_CBC_SHA cipher

RSA_WITH_RC4_128_MD5 Accept RSA_WITH_RC4_128_MD5 cipher

RSA_WITH_RC4_128_SHA Accept RSA_WITH_RC4_128_SHA cipher

The following 256 bits cipher is already supported :

RSA_WITH_AES_256_CBC_SHA

Gilles.

New Member

Re: CSS 11503 SSL termination and 256 bit support

Excellent news.

Thanks for the prompt response.

332
Views
0
Helpful
4
Replies