HTTPS/SSL Ciphers

Which ciphers to allow in HTTPS/SSL connections to the Search Appliance server from remote clients.

The syntax is similar to the Apache HTTP server SSLCipherSuite setting: an optional SSL (default) or TLSv1.3 token indicating a cipher protocol group, followed (after spaces) by a colon-separated list of ciphers (OpenSSL format; e.g. DEFAULT:!LOW to turn off low-security ciphers). Each line gives ciphers for a different protocol group, like a separate SSLCipherSuite Apache setting. The default (if unset/empty) is to use the OpenSSL defaults. A given cipher protocol group should not be specified more than once: combine all ciphers for a group into one line. Each distinct cipher protocol group's list is independent, and only applies to the indicated protocol(s) in the group.


Copyright © Thunderstone Software     Last updated: Nov 8 2024
Copyright © 2024 Thunderstone Software LLC. All rights reserved.