SSL Parameter Map

shday · ‎01-24-2012

I need to update the cipher on my ssl parameter map and I need to know once I make the change on the parameter map does that change take effect when I hit enter or do I need to do something else to activate the change.

I'm going to change my cipher list and add new ciphers and change the order.

Borys Berlog · ‎01-25-2012

Yes, you don't need to do any additional configuration to apply changes on parameter map (of course I assumed that it's already been applied to necessary ssl proxy service). Just depends on how big your config is, changes applying may take a few seconds.

shday · ‎01-26-2012

So if I'm changing from this,

parameter-map type ssl ssl-map

cipher RSA_WITH_3DES_EDE_CBC_SHA priority 8

cipher RSA_WITH_AES_128_CBC_SHA priority 6

cipher RSA_WITH_AES_256_CBC_SHA priority 4

To this,

parameter-map type ssl ssl-map

cipher RSA_WITH_RC4_128_MD5 priority 2

cipher RSA_WITH_RC4_128_SHA priority 4

I dont have to bounce the policy or anything like that to make the change active?

Borys Berlog · ‎01-27-2012

Yes, you don't need to do anything after this change. Of course it will affect only new session, old sessions won't be restarted.