Set dynamic-dns ssl cipher-suite – Perle Systems IOLAN SDS User Manual

Dynamic DNS Commands

44

IOLAN SDS/SCS/STS/MDC CLI Reference Guide, Version 3.7

Set Dynamic-DNS SSL Cipher-Suite

Description Sets the SSL/TLS cipher suite parameters for the connection between the IOLAN and

the DNS server.

User Level Admin
Syntax

set dynamic-dns ssl cipher-suite

option1|option2|option3|option4|option5
encryption any|aes|3des|des|arcfour|arctwo|none
min-key-size 40|56|64|128|168|256
max-key-size 40|56|64|128|168|256
key-exchange any|rsa|edh-rsa|edh-dss|adh
hmac any|sha1|md5

Options

option1|option2|option3|option4|option5
Sets the priority of the cipher suite, with

option1

being highest priority and

option5

lowest priority.

encryption

Select the type of encryption that will be used for the SSL connection:

z

Any—Will use the first encryption format that can be negotiated.

z

AES

z

3DES

z

DES

z

ARCFOUR

z

ARCTWO

z

None—Removes any values defined for the cipher option.

The default value is Any.

min-key-size

The minimum key size value that will be used for the specified encryption type. The
default is 40.

max-key-size

The maximum key size value that will be used for the specified encryption type. The

default is 256.

key-exchange

The type of key to exchange for the encryption format:

z

Any—Any key exchange that is valid is used (this does not, however, include ADH

keys).

z

RSA—This is an RSA key exchange using an RSA key and certificate.

z

EDH-RSA—This is an EDH key exchange using an RSA key and certificate.

z

EDH-DSS—This is an EDH key exchange using a DSA key and certificate.

z

ADH—This is an anonymous key exchange which does not require a private key
or certificate. Choose this key if you do not want to authenticate the peer device,

but you want the data encrypted on the SSL/TLS connection.

The default is Any.