Ssl commands – HP Secure Key Manager User Manual

SSL commands

cipherspec

– enable a cipher spec.

NOTE:

The cipher order pertains to the communication channel between the client (application, database,
etc.) and the SKM. It does not affect the keys that might be used to encrypt data by the KMS Server.

hostname (config)# cipherspec <disabled cipher #>

Syntax

NOTE:

Unless you know the priority of the disabled cipher you want to enable, you can use
the show cipherspec command to display the ciphers on the system.

• show cpiherspec
• cipherspec priority
• no cipherspec
• no export cipherspec
• restore cipherspec

Related com-
mand(s)

cipherspec priority

– prioritize the cipher spec.

NOTE:

The cipher order pertains to the communication channel between the client (application, database,
etc.) and the SKM. It does not affect the keys that might be used to encrypt data by the KMS Server.

hostname (config)# cipherspec priority

CURRENT PRIORITIES

The SSL cipher order is shown below:

Priority Key Exchange Cipher KeysizeHash

1 RSA AES128 128SHA-1

2 RSA AES256 256SHA-1

3 RSA 3DES 168SHA-1

Disabled (1) RSA RC4 128SHA-1

Disabled (2) RSA RC4 128MD5

Disabled (3) RSA Low Security DES 56SHA-1

Disabled (4) RSA Low Security RC4 56SHA-1

Disabled (5) RSA Low Security RC4 56MD5

Disabled (6) RSA Low Security RC2 56MD5

Disabled (7) RSA Low Security DES 40SHA-1

Disabled (8) RSA Low Security RC2 40MD5

Disabled (9) RSA Low Security RC4 40MD5

NEW PRIORITY CONFIGURATION

Please use the current priority from above to reference each item.

Which item will have priority #1 (1..12):

Which item will have priority #2:

Which item will have priority #3:

Which item will have priority #4:

Cipher Order priorities successfully changed.

Syntax

Using the Command Line Interface

316