Ssl commands – HP Secure Key Manager User Manual
Page 316
SSL commands
cipherspec
– enable a cipher spec.
NOTE:
The cipher order pertains to the communication channel between the client (application, database,
etc.) and the SKM. It does not affect the keys that might be used to encrypt data by the KMS Server.
hostname (config)# cipherspec
Syntax
NOTE:
Unless you know the priority of the disabled cipher you want to enable, you can use
the show cipherspec command to display the ciphers on the system.
• show cpiherspec
• cipherspec priority
• no cipherspec
• no export cipherspec
• restore cipherspec
Related com-
mand(s)
cipherspec priority
– prioritize the cipher spec.
NOTE:
The cipher order pertains to the communication channel between the client (application, database,
etc.) and the SKM. It does not affect the keys that might be used to encrypt data by the KMS Server.
hostname (config)# cipherspec priority
CURRENT PRIORITIES
The SSL cipher order is shown below:
Priority Key Exchange Cipher KeysizeHash
1 RSA AES128 128SHA-1
2 RSA AES256 256SHA-1
3 RSA 3DES 168SHA-1
Disabled (1) RSA RC4 128SHA-1
Disabled (2) RSA RC4 128MD5
Disabled (3) RSA Low Security DES 56SHA-1
Disabled (4) RSA Low Security RC4 56SHA-1
Disabled (5) RSA Low Security RC4 56MD5
Disabled (6) RSA Low Security RC2 56MD5
Disabled (7) RSA Low Security DES 40SHA-1
Disabled (8) RSA Low Security RC2 40MD5
Disabled (9) RSA Low Security RC4 40MD5
NEW PRIORITY CONFIGURATION
Please use the current priority from above to reference each item.
Which item will have priority #1 (1..12):
Which item will have priority #2:
Which item will have priority #3:
Which item will have priority #4:
Cipher Order priorities successfully changed.
Syntax
Using the Command Line Interface
316