sslCipherList

ARICENT-SSL-MIB · .1.3.6.1.4.1.2076.96.2.1
MIB view Table view

Object

scalar r/w SNMPv2-SMIInteger32 
This object is used to configure the cipher-suites list.
This field is a bit mask, setting a bit indicates that the 
	  corresponding cipher-list will be involved in the server
authentication.
          
BIT 0 - RSA-NULL-MD5
BIT 1 - RSA-NULL-SHA
BIT 2 - RSA-DES-SHA
BIT 3 - RSA-3DES-SHA
BIT 4 - DH-RSA-DES-SHA
BIT 5 - DH-RSA-3DES-SHA
BIT 6 - RSA-EXP1024-DES-SHA
BIT 7 - RSA-WITH-AES-128-CBC-SHA
BIT 8 - RSA-WITH-AES-256-CBC-SHA
BIT 9 - DHE-RSA-WITH-AES-128-CBC-SHA
BIT 10 - DHE-RSA-WITH-AES-256-CBC-SHA
BIT 11 - ECDHE_RSA_WITH_AES_256_GCM_SHA384
BIT 12 - ECDHE_RSA_WITH_CHACHA20_POLY1305
BIT 13 - ECDHE_RSA_WITH_AES_128_GCM_SHA256
BIT 14 - ECDHE_RSA_WITH_AES_256_SHA384
BIT 15 - ECDHE_RSA_WITH_AES_128_SHA256
BIT 16 - TLS_AES_128_GCM_SHA256
BIT 17 - TLS_AES_256_GCM_SHA384
BIT 18 - TLS_CHACHA20_POLY1305_SHA256
                                  
          
Note:BIT 0 - Least significant bit
BIT 10 - Most significant bit
          
For example,setting the cipher list to the value - 001 0101, 
will include RSA-NULL-MD5, RSA-DES-SHAa and DH-RSA-DES-SHA as 
cipher-list for authentication.
          
In the FIPS (American Security Standard Mode) Mode,  
Only the following cipher list should be supported.
  TLS_RSA_3DES_SHA1 
  TLS_ DHE_RSA_3DES_SHA1
  TLS_RSA_WITH_AES_128_CBC_SHA 
  TLS_RSA_WITH_AES_256_CBC_SHA 
  TLS_DHE_RSA_WITH_AES_128_CBC_SHA 
  TLS_DHE_RSA_WITH_AES_256_CBC_SHA 
hence the default value in FIPS mode will be
  TLS_RSA_3DES_SHA1 | TLS_ DHE_RSA_3DES_SHA1 | TLS_RSA_WITH_AES_128_CBC_SHA |
  TLS_RSA_WITH_AES_256_CBC_SHA | TLS_DHE_RSA_WITH_AES_128_CBC_SHA |
  TLS_DHE_RSA_WITH_AES_256_CBC_SHA.
From 2.1, only the following ciphers are supported:
  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  TLS_ECDHE_RSA_WITH_AES_256_SHA384
  TLS_ECDHE_RSA_WITH_AES_128_SHA256
From 5.1 the following ciphers were added:
  TLS_AES_128_GCM_SHA256
  TLS_AES_256_GCM_SHA384
  TLS_CHACHA20_POLY1305_SHA256
hence the default value will be
  TLS_AES_128_GCM_SHA256 | TLS_AES_256_GCM_SHA384 |
  TLS_CHACHA20_POLY1305_SHA256

Context

MIB
ARICENT-SSL-MIB
OID
.1.3.6.1.4.1.2076.96.2.1
Type
scalar
Access
readwrite
Status
current
Parent
sslCiphers
Siblings
1

Syntax

SNMPv2-SMIInteger32
Source
SNMPv2-SMIInteger32
Base type
Integer32

Values & Constraints

Type Constraints
range: -2147483648..2147483647

Related Objects

Sibling Objects
ObjectTypeSyntaxOID
sslDefaultCipherList
This object is used to set the default cipher-suites list in 'sslCipherList'. Setting DefaultCipherList to TRUE would set the following cipher-list for authentication: - TLS_AES_…
scalarSNMPv2-TCTruthValue.1.3.6.1.4.1.2076.96.2.2