[AIX HP-UX Linux Solaris Windows][z/OS]

SSL Version 3 and TLS Version 1.0 cipher specifications

When an SSL connection is established, the client (Web browser) and the Web server negotiate the cipher to use for the connection. The Web server has an ordered list of ciphers, and the first cipher in the list that is supported by the client is selected.

SSL V3 and TLSv1.0

If you specify V3 or TLSv1.0 ciphers, and you do not specify SSL V2 ciphers, then SSL V2 support is disabled. If you specify SSL V2 ciphers, and you do not specify SSL V3 or TLS ciphers, then SSL V3 and TLSv1.0 support is disabled.
Note: In accordance with the NIST change for 19 May 2007, IBM HTTP Server does not support single-DES ciphers in FIPS mode for versions 6.0.2.1 or later and 6.0.1.11 or later.
Short name Long name Description
3A SSL_RSA_WITH_3DES_EDE_CBC_SHA Triple-DES SHA (168-bit)
33 SSL_RSA_EXPORT_WITH_RC4_40_MD5 RC4 SHA (40-bit)
34 SSL_RSA_WITH_RC4_128_MD5 RC4 MD5 (128-bit)
39 SSL_RSA_WITH_DES_CBC_SHA DES SHA (56-bit)
35 SSL_RSA_WITH_RC4_128_SHA RC4 SHA (128-bit)
35b TLS_RSA_WITH_AES_256_CBC_SHA AES SHA (256 bit)
2F TLS_RSA_WITH_AES_128_CBC_SHA AES SHA (128 bit)
36 SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5

Cipher specification 36 requires Netscape Navigator V4.07; it does not work on earlier versions of Netscape browsers.

RC2 MD5 (40-bit)
32 SSL_RSA_WITH_NULL_SHA  
31 SSL_RSA_WITH_NULL_MD5  
30 SSL_NULL_WITH_NULL_NULL  

[AIX Solaris HP-UX Linux Windows] 62

TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA DES SHA Export 1024 (56-bit)

[AIX Solaris HP-UX Linux Windows] 64

TLS_RSA_EXPORT1024_WITH_RC4_56_SHA RC4 SHA Export 1024 (56-bit)

FIPS Approved ciphers

The SSLFIPSEnable directive enables Federal Information Processing Standards (FIPS). When the SSLFIPSEnable directive is enabled, the set of ciphers available is restricted to the ciphers listed in the following table.

Avoid trouble Avoid trouble: Only TLSv1.0 ciphers are supported in FIPS mode.gotcha
Short name Long name Description
3A SSL_RSA_WITH_3DES_EDE_CBC_SHA Triple-DES SHA (168-bit)
35b TLS_RSA_WITH_AES_256_CBC_SHA AES SHA (256 bit)
2F TLS_RSA_WITH_AES_128_CBC_SHA AES SHA (128 bit)



Related reference
SSL Version 2 cipher specifications
Reference topic Reference topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 6:08:30 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=ihs-dist&topic=rihs_v3ciphspec
File name: rihs_v3ciphspec.html