Supported Cipher Strings - Cisco 8800 Series Manual

Supported Cipher Strings

RSA:!aNULL:!eNULL
supports those cipher suites using RSA authentication, but excludes those cipher suites offering no encryption
and authentication.
Note
The system regards an invalid value as a blank value. With a blank or an invalid value in the TLS Cipher
List field, the cipher suites used vary with applications. See the following list for the suites that the applications
use when this field is with a blank or an invalid value.
• Web Server (HTTPS) applications use the following cipher suites:
• SIP, TR-069, and other applications using the curl library use the DEFAULT cipher list, which is
• XMPP uses the cipher list HIGH:MEDIUM:AES:@STRENGTH.
Step 3
Click Submit All Changes.
Supported Cipher Strings
The supported cipher strings listed following is based on the OpenSSL 1.0.2l standards.
Table 12: Supported Cipher Strings (OpenSSL 1.0.2l)
Strings
DEFAULT
COMPLEMENTOFDEFAULT
ALL
COMPLEMENTOFALL
MEDIUM
eNULL, NULL
aNULL
Cisco IP Phone 8800 Series Multiplatform Phone Administration Guide for Release 11.3(1) and Later
130
A valid cipher list must follow the format defined at
ciphers.html. Your phone doesn't support all the cipher strings listed on the OpenSSL web page.
For the supported strings, see
• ECDHE-RSA-AES256-GCM-SHA384
• ECDHE-RSA-AES128-GCM-SHA256
• AES256-SHA
• AES128-SHA
• DES-CBC3-SHA
determined at compilation.
https://www.openssl.org/docs/man1.0.2/man1/
Supported Cipher Strings, on page
Strings
aDSS, DSS
aECDSA, ECDSA
AES128, AES256, AES
CAMELLIA128, CAMELLIA256,
CAMELLIA
SEED
kDHr,kDHd, kDH
kDHE, kEDH
Cisco IP Phone Configuration
130.
Strings
ADH
DH
kECDHE, EECDH
ECDH
aRSA
aDH
TLSv1.2, TLSv1, SSLv3