IBM HTTP Server help: SSL CipherSpec

CipherSpec

The following directives require browser configuration:

  1. SSLVersion
  2. SSLCipherSpec
  3. SSLCipherRequire

Related information:

SSLCipherRequire
SSLCipherSpec
SSLVersion

Cipher specifications and key sizes

The SSL cipher specification tells you which data encryption algorithm and key size are used; for SSL V3, the hashing algorithm is included. For example, cipher specification DES SHA (56 bit) uses the DES encryption algorithm, a 56-bit key size, and the SHA hashing algorithm. For more detailed information on cipher specifications, go to URL http://home.netscape.com/eng/ssl3/.

Related information

How to set advanced security options

List of valid cipher specifications

  Version 2 Cipher Specifications  
North American edition (U.S. and Canada)
Shortname Longname Description
27 SSL_DES_192_EDE3_CBC_WITH_MD5 Triple-DES (168 bit)
21 SSL_RC4_128_WITH_MD5 RC4 (128 bit)
23 SSL_RC2_CBC_128_CBC_WITH_MD5 RC2 (128 bit)
26 SSL_DES_64_CBC_WITH_MD5 DES (56 bit)
22 SSL_RC4_128_EXPORT40_WITH_MD5 RC4 (40 bit)
24 SSL_RC2_CBC_128_CBC_EXPORT40_WITH_MD5 RC2 (40 bit)
 
Version 3 Cipher Specifications
 
3A SSL_RSA_WITH_3DES_EDE_CBC_SHA Triple-DES SHA (168 bit)
33 SSL_RSA_EXPORT_WITH_RC4_40_MD5 RC4 SHA (128 bit)
34 SSL_RSA_WITH_RC4_128_MD5 RC4 MD5 (128 bit)
39 SSL_RSA_WITH_DES_CBC_SHA DES SHA (56 bit)
35 SSL_RSA_WITH_RC4_128_SHA RC4 SHA (40 bit)
36 (See Note 1.) SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 RC2 MD5 (40 bit)
32 SSL_RSA_WITH_NULL_SHA
31 SSL_RSA_WITH_NULL_MD5
30 SSL_NULL_WITH_NULL_NULL

Note 1: Cipher spec 36 requires Netscape Navigator 4.07; it does not work on earlier versions of Netscape browsers.


International export edition
Shortname Longname Description
3A SSL_RSA_WITH_3DES_EDE_CBC_SHA Triple-DES SHA (168 bit)
33 SSL_RSA_EXPORT_WITH_RC4_40_MD5 RC4 SHA (128 bit)
34 SSL_RSA_WITH_RC4_128_MD5 RC4 MD5 (128 bit)
39 SSL_RSA_WITH_DES_CBC_SHA DES SHA (56 bit)
35 SSL_RSA_WITH_RC4_128_SHA RC4 SHA (40 bit)
36 (See Note 1.) SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 RC2 MD5 (40 bit)
32 SSL_RSA_WITH_NULL_SHA
31 SSL_RSA_WITH_NULL_MD5
30 SSL_NULL_WITH_NULL_NULL