Previous page Section 3.11.8. TLS_PrivateKeyPassword Section 3.11.9. TLS_Ciphers (231 / 1691)   Table of Contents Section 3.11.10. TLS_Ciphersuites Next page

3.11.9. TLS_Ciphers Previous topic Parent topic Child topic Next topic

TLS_Ciphers specifies which subset of cipher suites is permissible for a connection when TLSv1.2 or earlier is negotiated. The parameter format is the cipher list format documented in OpenSSL manual for openssl ciphers command. The default value is DEFAULT:!EXPORT:!LOW.
# Exclude cipher suites using RC4 too
TLS_Ciphers DEFAULT:!EXPORT:!LOW:!RC4
This parameter affects only TLSv1.2 and earlier TLS versions. For the respective parameter for TLSv1.3, see Section 3.11.10. TLS_Ciphersuites
When SSL library supports security levels, a level can be set for each configuration clause together with cipher string. For more information about security levels, see Section 3.11.11. TLS_SecurityLevel
# System default level 2 is too strict for this module
TLS_Ciphers DEFAULT:!EXPORT:!LOW@SECLEVEL=1
Previous page Section 3.11.8. TLS_PrivateKeyPassword Section 3.11.9. TLS_Ciphers (231 / 1691)   Table of Contents Section 3.11.10. TLS_Ciphersuites Next page