Description

The CTL_SSL_CIPHER_SUITES option specifies one or more SSL/TLS 1.3 specific cipher suites to use for the control session between UEM components. The SSL/TLS protocol uses the cipher suites to specify which encryption and message authentication (or message digest) algorithms to use.

This option is specific to TLS 1.3. To configure ciphers for TLS 1.2 and earlier, see the ctl_ssl_cipher_list option.

Usage

Method	Syntax	IBM i	UNIX	Windows	z/OS
Command Line, Short Form	n/a
Command Line, Long Form	-ctl_ssl_cipher_suites cipherlist
Environment Variable	UEMCTLSSLCIPHERSUITES=cipherlist
Configuration File Keyword	ctl_ssl_cipher_suites cipherlist

The option is NOT currently supported on HP-UX

Values

cipherlist is a comma-separated list of SSL/TLS cipher suites. The following table identifies the list of SSL/TLS cipher suites supported for this option.

The list is in default order, with the most preferred suite first and the least preferred suite last.

Cipher Suite	Description
TLS_AES_256_GCM_SHA384	256-bit AES encryption in Galois Counter Mode, SHA-2 384-bit message digest
TLS_CHACHA20_POLY1305_SHA256	256-bit CHACHA encryption with POLY1305 message authentication, SHA-2 256-bit message digest
TLS_AES_128_GCM_SHA256	128-bit AES encryption in Galois Counter Mode, SHA-2 256-bit message digest

Browser not supported