Cipher Suite Selection can be used to limit the ciphers that are offered by iDRAC’s web server for client communications allowing the user to determine how secure the connection should be. It provides another level of filtering for the effective in-use TLS Cipher Suite. These settings can be configured through iDRAC web interface and RACADM command-line interface. While there are no weak ciphers suites enabled on iDRAC, the most secure available in iDRAC is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 and all others can be removed using this feature to maximize security. The cipherlist format is defined in the OpenSSL documentation as referenced here: www.openssl.org/docs/man1.0.2/man1/cipher
CAUTION:Using OpenSSL Cipher Command to parse strings with invalid syntax may lead to unexpected errors.
NOTE:This is an advanced security option. Before you configure this option, ensure that you have thorough knowledge of the following:
The OpenSSL Cipher String Syntax and its use
Tools and Procedures to validate the resultant Cipher Suite Configuration to ensure that the results align with the expectations and requirements