SSL_CIPHER_LIST - UPPS configuration Option

Owned by Former user (Deleted)
Last updated: Jan 19, 2023 by Stonebranch (Deactivated)
1 min read

Description

The SSL_CIPHER_LIST option specifies the SSL/TLS cipher suites acceptable for use by the SSL/TLS protocol.

The SSL/TLS protocol uses the cipher suites to specify which encryption and message authentication (or message digest) algorithms to use.

Usage

Method

Syntax

IBM i

HP NonStop

UNIX

Windows

z/OS

Command Line, Short Form

n/a






Command Line, Long Form

-ssl_cipher_list list



(tick)

(tick)


Environment Variable

UPPSSSLCIPHERLIST=list



(tick)

(tick)


Configuration File Keyword

ssl_cipher_list list



(tick)

(tick)


Values

list is a comma-separated list of SSL/TLS cipher suites. The following table identifies the list of SSL/TLS cipher suites supported for this option.

The list is in default order, with the most preferred suite first and the least preferred suite last.

Cipher Suite

Description

AES256-GCM-SHA384

256-bit AES encryption in Galois Counter Mode, SHA-2 384-bit message digest.

AES256-SHA

256-bit AES encryption with SHA-1 message digest.

AES128-GCM-SHA256

128-bit AES encryption in Galois Counter Mode, SHA-2 256-bit message digest.

AES128-SHA

128-bit AES encryption with SHA-1 message digest.

RC4-SHA

128-bit RC4 encryption with SHA-1 message digest.

RC4-MD5

128-bit RC4 encryption with MD5 message digest.

DES-CBC3-SHA

128-bit Triple-DES encryption with SHA-1 message digest.

DES-CBC-SHA
                                     

128-bit DES encryption with SHA-1 message digest.
 

Note

As of Universal Agent 6.7.0.0, DES-CBC-SHA is supported only on HP-UX.
 
Additionally, any Agents on HP-UX that accept connections from, or attempt connections to, Agents on other platforms must be configured with at least one currently supported cipher suite besides DES-CBC-SHA. Therefore, those HP-UX Agents cannot be configured only with DES-CBC-SHA in their list of cipher suites.

NULL-SHA256

No encryption and SHA-2 256-bit message digest.

NULL-SHA

No encryption and SHA-1 message digest.

NULL-MD5

No encryption and MD5 message digest.

Command Usage

The SSL_CIPHER_LIST option is an SSL/TLS option.

SSL/TLS options are associated with program execution, not commands. They are used to configure the environment and behavior of HTTPS connections with the PeopleSoft system. They can be used with any command, but they only impact HTTPS connections.