Set dynamic-dns ssl cipher-suite – Perle Systems IOLAN CSS User Manual
Page 46
Dynamic DNS Commands
46
IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6
Set Dynamic-DNS SSL Cipher-Suite
Description Sets the SSL/TLS cipher suite parameters for the connection between the IOLAN and
the DNS server.
User Level Admin
Syntax
set dynamic-dns ssl cipher-suite
option1|option2|option3|option4|option5
encryption any|aes|3des|des|arcfour|arctwo|none
min-key-size 40|56|64|128|168|256
max-key-size 40|56|64|128|168|256
key-exchange any|rsa|edh-rsa|edh-dss|adh
hmac any|sha1|md5
Options
option1|option2|option3|option4|option5
Sets the priority of the cipher suite, with
option1
being highest priority and
option5
lowest priority.
encryption
Select the type of encryption that will be used for the SSL connection:
z
Any—Will use the first encryption format that can be negotiated.
z
AES
z
3DES
z
DES
z
ARCFOUR
z
ARCTWO
z
None—Removes any values defined for the cipher option.
The default value is Any.
min-key-size
The minimum key size value that will be used for the specified encryption type. The
default is 40.
max-key-size
The maximum key size value that will be used for the specified encryption type. The
default is 256.
key-exchange
The type of key to exchange for the encryption format:
z
Any—Any key exchange that is valid is used (this does not, however, include ADH
keys).
z
RSA—This is an RSA key exchange using an RSA key and certificate.
z
EDH-RSA—This is an EDH key exchange using an RSA key and certificate.
z
EDH-DSS—This is an EDH key exchange using a DSA key and certificate.
z
ADH—This is an anonymous key exchange which does not require a private key
or certificate. Choose this key if you do not want to authenticate the peer device,
but you want the data encrypted on the SSL/TLS connection.
The default is Any.