Home » Cipher order

  • Cipher order

    Cipher order

    In Windows Longhorn server You can specify in which order the cipher priority will work. this looks very nice:

    When turning to the Explain tab to see what I have to enter here it states the following:

     

    Determines the cipher suites used by the Secure Socket Layer (SSL).

    If this setting is enabled, SSL cipher suites will be prioritized in the order specified.

    If this setting is disabled or not configured, the factory default cipher suite order will be used.

    All available cipher suites:

    TLS_RSA_WITH_AES_128_CBC_SHA
    TLS_RSA_WITH_AES_256_CBC_SHA
    TLS_RSA_WITH_RC4_128_SHA
    TLS_RSA_WITH_3DES_EDE_CBC_SHA
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA
    TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
    TLS_RSA_WITH_RC4_128_MD5
    SSL_CK_RC4_128_WITH_MD5
    SSL_CK_DES_192_EDE3_CBC_WITH_MD5
    TLS_RSA_WITH_NULL_MD5
    TLS_RSA_WITH_NULL_SHA
    TLS_RSA_WITH_DES_CBC_SHA
    TLS_DHE_DSS_WITH_DES_CBC_SHA
    TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
    TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
    TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
    TLS_RSA_EXPORT_WITH_RC4_40_MD5
    SSL_CK_DES_64_CBC_WITH_MD5
    SSL_CK_RC4_128_EXPORT40_WITH_MD5

    How to modify this setting:

    1. Open a blank notepad document.

    2. Copy and paste the list of available suites into it.

    3. Arrange the suites in the correct order; remove any suites you don't want to use.

    4. Place a comma at the end of every suite name except the last. Make sure there are NO embedded spaces.

    5. Remove all the line breaks so that the cipher suite names are on a single, long line.

    6. Copy the cipher-suite line to the clipboard, then paste it into the edit box. The maximum length is 1023 characaters.

    I like the 6 steps at the end of the explanation.

    Share this