beautypg.com

99 viewing the ssl cipher order section, 79 ssl cipher order section components – HP Secure Key Manager User Manual

Page 167

background image

CAUTION:

Exercise caution when modifying the SSL Cipher Order. Unless you are familiar with SSL Ciphers, you

should not rearrange the Cipher Order list. Changes to the list may affect both performance and security.

Click Restore Defaults to reset the list to the original settings.

Figure 99 Viewing the SSL Cipher Order section

The following table describes the components of the SSL Cipher Order section.

Table 79 SSL Cipher Order section components

Component

Description

Priority

You can arrange the SSL Cipher order using the Up and Down buttons. One (1) is the

highest priority, and ten (10) is a low priority.

Key Exchange

This field specifies the algorithm to use for encryption and authentication. Supported

algorithms: RSA and RSA Low Security.

Cipher

This field specifies the symmetric cipher to use to encrypt SSL sessions. Supported

ciphers: AES, DES, 3DES, RC2, and RC4.

Keysize

This field specifies the number of bits of the session key size. Supported key sizes

vary for each cipher.

Hash

This field specifies the Hash function to use for SSL session integrity. The supported

Hash functions are:

SHA–1: (Secure Hash Algorithm). SHA–1 operates on 64–byte blocks of data

and produces a 160–bit authentication value.

MD5: (Message Digest algorithm). MD5 operates on 64–byte blocks of data

and produces a 128–bit authentication value.

Disable Low Security

Ciphers

This field allows you to mandate that only high security ciphers (128–bit and above)

are used within an organization.

Up / Down

Click Up and Down to arrange the SSL Cipher order.

Enable

Click Enable and Disable to enable and disable the selected cipher.

NOTE:

Enabling RC4 ciphers or any RSA Low Security ciphers on a FIPS-compliant

device will take the device out of FIPS compliance - possibly in a manner

that does not comply with FIPS standards. For information on disabling FIPS

compliance, see

FIPS Compliance

.

Disable Low Security

Ciphers

Click the Disable Low Security Ciphers to disable the low security ciphers.

Restore Defaults

Click Restore Defaults to restore the original SSL cipher order.

Secure Key Manager

167

See also other documents in the category HP Storage: