...
- Universal Broker does not offer NULL-* options for its ciphers list, but it does accept NULL-NULL when no encryption is desired.
- UCTL Server and UEM Server do not allow NULL-* ciphers to be selected for their control sessions.
- UDM Manager ignores the NULL-NULL cipher suite.
Starting with 7.46.0.0, the following Diffie-Hellman Ciphers are supported for TSLv1.2 only.
...
| Note | ||
|---|---|---|
| ||
The ECDHE-ECDSA-AES256-GCM-SHA384 and ECDHE-ECDSA-AES128-GCM-SHA256 ciphers require an ECDSA certificate; A RSA certificate will NOT work for these ciphers. See Creating an ECDSA Certificate.
As such, the EC (Elliptic Curve) keys used to sign the ECDSA certificate must be generated using one of the curves in the list above. |
...
SSL uses X.509 certificates and public and private keys to identify an entity. An entity may be a person, a program, or a system. A complete description of X.509 certificates is beyond the scope of this documentation. X.509 Certificates provides an overview to help get the reader oriented to the concepts, terminology and benefits.
...