SSL_CIPHER_LIST - UPPS configuration Option
Description
The SSL_CIPHER_LIST option specifies the SSL/TLS cipher suites acceptable for use by the SSL/TLS protocol.
The SSL/TLS protocol uses the cipher suites to specify which encryption and message authentication (or message digest) algorithms to use.
Usage
Method | Syntax | IBM i | HP NonStop | UNIX | Windows | z/OS |
---|---|---|---|---|---|---|
Command Line, Short Form | n/a | |||||
Command Line, Long Form | -ssl_cipher_list list | |||||
Environment Variable | UPPSSSLCIPHERLIST=list | |||||
Configuration File Keyword | ssl_cipher_list list |
Values
list is a comma-separated list of SSL/TLS cipher suites. The following table identifies the list of SSL/TLS cipher suites supported for this option.
The list is in default order, with the most preferred suite first and the least preferred suite last.
Cipher Suite | Description |
---|---|
AES256-GCM-SHA384 | 256-bit AES encryption in Galois Counter Mode, SHA-2 384-bit message digest. |
AES256-SHA | 256-bit AES encryption with SHA-1 message digest. |
AES128-GCM-SHA256 | 128-bit AES encryption in Galois Counter Mode, SHA-2 256-bit message digest. |
AES128-SHA | 128-bit AES encryption with SHA-1 message digest. |
ECDHE-RSA-AES256-GCM-SHA384 | Ephemeral Elliptic Curve Diffie-Hellman Key Exchange, RSA authentication, 256-bit AES encryption in Galois Counter Mode, SHA-2 384-bit message digest. |
ECDHE-ECDSA-AES256-GCM-SHA384 | Ephemeral Elliptic Curve Diffie-Hellman Key Exchange, ECDSA authentication, 256-bit AES encryption in Galois Counter Mode, SHA-2 384-bit message digest. |
ECDHE-RSA-AES128-GCM-SHA256 | Ephemeral Elliptic Curve Diffie-Hellman Key Exchange, RSA authentication, 128-bit AES encryption in Galois Counter Mode, SHA-2 256-bit message digest. |
ECDHE-ECDSA-AES128-GCM-SHA256 | Ephemeral Elliptic Curve Diffie-Hellman Key Exchange, ECDSA authentication, 128-bit AES encryption in Galois Counter Mode, SHA-2 256-bit message digest. |
RC4-SHA | 128-bit RC4 encryption with SHA-1 message digest. |
RC4-MD5 | 128-bit RC4 encryption with MD5 message digest. |
DES-CBC3-SHA | 128-bit Triple-DES encryption with SHA-1 message digest. |
DES-CBC-SHA | 128-bit DES encryption with SHA-1 message digest. Note As of Universal Agent 6.7.0.0, DES-CBC-SHA is supported only on HP-UX. |
NULL-SHA256 | No encryption and SHA-2 256-bit message digest. |
NULL-SHA | No encryption and SHA-1 message digest. |
NULL-MD5 | No encryption and MD5 message digest. |
Command Usage
The SSL_CIPHER_LIST option is an SSL/TLS option.
SSL/TLS options are associated with program execution, not commands. They are used to configure the environment and behavior of HTTPS connections with the PeopleSoft system. They can be used with any command, but they only impact HTTPS connections.