Set ssl line cipher-suite – Perle Systems IOLAN CSS User Manual
Page 93
Line Commands 91
Line Service Commands
Set SSL Line Cipher-suite
Description Sets the SSL/TLS cipher suite parameters for the line.
User Level Admin
Syntax
set ssl line .|<number>|* cipher-suite
option1|option2|option3|option4|option5
encryption any|aes|3des|des|arcfour|arctwo|none
min-key-size 40|56|64|128|168|256
max-key-size 40|56|64|128|168|256
key-exchange any|rsa|edh-rsa|edh-dss|adh
hmac any|sha1|md5
Options
option1|option2|option3|option4|option5
Sets the priority of the cipher suite, with
option1
being highest priority and
option5
lowest priority.
encryption
Select the type of encryption that will be used for the SSL connection:
z
Any—Will use the first encryption format that can be negotiated.
z
AES
z
3DES
z
DES
z
ARCFOUR
z
ARCTWO
z
None—Removes any values defined for the cipher option.
The default value is Any.
min-key-size
The minimum key size value that will be used for the specified encryption type. The
default is 40.
max-key-size
The maximum key size value that will be used for the specified encryption type. The
default is 256.
key-exchange
The type of key to exchange for the encryption format:
z
Any—Any key exchange that is valid is used (this does not, however, include ADH
keys).
z
RSA—This is an RSA key exchange using an RSA key and certificate.
z
EDH-RSA—This is an EDH key exchange using an RSA key and certificate.
z
EDH-DSS—This is an EDH key exchange using a DSA key and certificate.
z
ADH—This is an anonymous key exchange which does not require a private key
or certificate. Choose this key if you do not want to authenticate the peer device,
but you want the data encrypted on the SSL/TLS connection.
The default is Any.
hmac
Select the key-hashing for message authentication method for your encryption type:
z
Any
z
MD5
z
SHA1
The default is Any.