A cipher suite defines a set of technologies to secure your SSL communications:
Key exchange algorithm (how the secret key used to encrypt the data is communicated from the client to the server). Examples: RSA key or Diffie-Hellman (DH)
Authentication method (how hosts can authenticate the identity of remote hosts). Examples: RSA certificate, DSS certificate, or no authentication
Encryption cipher (how to encrypt data). Examples: AES (256 or 128 bits), RC4 (128 bits or 56 bits), 3DES (168 bits), DES (56 or 40 bits), or null encryption
Hash algorithm (ensuring data by providing a way to determine if data has been modified). Examples: SHA-1 or MD5
The supported cipher suites combine all these items.
Supported SSL cipher suites lists the SSL cipher suites supported by VNX for file.
Steps
To change the default SSL cipher suite, use this command syntax:
<new_value> = string that specifies the new cipher value. If the value includes any special characters (such as a semi-colon, space character, or exclamation), it must be enclosed in quotation marks.
NOTE: The default cipher suite value is ALL:!ADH:!SSLv2:@STRENGTH, which means that VNX for file supports all ciphers except the SSLv2, Anonymous Diffie-Hellman, and NULL ciphers, sorted by their “strength”, that is, the size of the encryption key.
Parameter and facility names are case-sensitive.
Example:
To change the default SSL cipher suite to a strong cipher (mainly AES128 and AES256) to be used by each new SSL connection, type: