Parameters
dhe_rsa_aes_128_cbc_sha: Specifies the key exchange algorithm DHE RSA, the data encryption
algorithm 128-bit AES, and the MAC algorithm SHA.
dhe_rsa_aes_256_cbc_sha: Specifies the key exchange algorithm DHE RSA, the data encryption
algorithm 256-bit AES, and the MAC algorithm SHA.
exp_rsa_des_cbc_sha: Specifies the export cipher suite that uses the key exchange algorithm RSA, the
data encryption algorithm DES_CBC, and the MAC algorithm SHA.
exp_rsa_rc2_md5: Specifies the export cipher suite that uses the key exchange algorithm RSA, the data
encryption algorithm RC2, and the MAC algorithm MD5.
exp_rsa_rc4_md5: Specifies the export cipher suite that uses the key exchange algorithm RSA, the data
encryption algorithm RC4, and the MAC algorithm MD5.
rsa_3des_ede_cbc_sha: Specifies the key exchange algorithm RSA, the data encryption algorithm
3DES_EDE_CBC, and the MAC algorithm SHA.
rsa_aes_128_cbc_sha: Specifies the key exchange algorithm RSA, the data encryption algorithm 128-bit
AES_CBC, and the MAC algorithm SHA.
rsa_aes_256_cbc_sha: Specifies the key exchange algorithm RSA, the data encryption algorithm 256-bit
AES_CBC, and the MAC algorithm SHA.
rsa_des_cbc_sha: Specifies the key exchange algorithm RSA, the data encryption algorithm DES_CBC,
and the MAC algorithm SHA.
rsa_rc4_128_md5: Specifies the key exchange algorithm RSA, the data encryption algorithm 128-bit
RC4, and the MAC algorithm MD5.
rsa_rc4_128_sha: Specifies the key exchange algorithm RSA, the data encryption algorithm 128-bit RC4,
and the MAC algorithm SHA.
Usage guidelines
SSL employs the following algorithms:
Data encryption algorithms—Encrypt data to ensure privacy. Commonly used data encryption
•
algorithms are usually symmetric key algorithms, such as DES_CBC, 3DES_EDE_CBC, AES_CBC,
and RC4. When using a symmetric key algorithm, the SSL server and the SSL client must use the
same key.
Message Authentication Code (MAC) algorithms—Calculate the MAC value for data to ensure
•
integrity. Commonly used MAC algorithms include MD5 and SHA. When using a MAC algorithm,
the SSL server and the SSL client must use the same key.
Key exchange algorithms—Implement secure exchange of the keys used by the symmetric key
•
algorithm and the MAC algorithm. Commonly used key exchange algorithms are asymmetric key
algorithms, such as RSA.
The SSL client sends the preferred cipher suite to the SSL server, the server matches the received cipher
suite against the cipher suits it supports. If a match is found, the cipher suite negotiation succeeds.
Otherwise, the negotiation fails.
276