Question
- What are the SSL ciphers that are supported in Silverline?
Environment
- Silverline WAF
- Silverline DDoS
- Proxy/Proxies
- SSL Certificate/SSL Frontend Profile/SSL Backend Profile
- SSL Ciphers
Answer
Below is a list of all available ciphers.
Note: Silverline uses the OpenSSL Suite format. If you need to enable/disable specific SSL Ciphers, use OpenSSL and not IANA.
| Protocol | HEX | OpenSSL Suite (Silverline) | IANA (SSL Labs usually) |
| TLSv1.2 | 0xC013 | ECDHE-RSA-AES128-CBC-SHA | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |
| TLSv1.2 | 0xC014 | ECDHE-RSA-AES256-CBC-SHA | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA |
| TLSv1.2 | 0xC02F | ECDHE-RSA-AES128-GCM-SHA256 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
| TLSv1.2 | 0xC027 | ECDHE-RSA-AES128-SHA256 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
| TLSv1.2 | 0xC030 | ECDHE-RSA-AES256-GCM-SHA384 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
| TLSv1.2 | 0xC028 | ECDHE-RSA-AES256-SHA384 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
| TLSv1.2 | 0x9C | AES128-GCM-SHA256 | TLS_RSA_WITH_AES_128_GCM_SHA256 |
| TLSv1.2 | 0x2F | AES128-SHA | TLS_RSA_WITH_AES_128_CBC_SHA |
| TLSv1.2 | 0x3C | AES128-SHA256 | TLS_RSA_WITH_AES_128_CBC_SHA256 |
| TLSv1.2 | 0x9D | AES256-GCM-SHA384 | TLS_RSA_WITH_AES_256_GCM_SHA384 |
| TLSv1.2 | 0x35 | AES256-SHA | TLS_RSA_WITH_AES_256_CBC_SHA |
| TLSv1.2 | 0x3D | AES256-SHA256 | TLS_RSA_WITH_AES_256_CBC_SHA256 |
| TLSv1.2 | 0x41 | CAMELLIA128-SHA | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA |
| TLSv1.2 | 0x84 | CAMELLIA256-SHA | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA |
| TLSv1.2 | 0x9E | DHE-RSA-AES128-GCM-SHA256 | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 |
| TLSv1.2 | 0x33 | DHE-RSA-AES128-SHA | TLS_DHE_RSA_WITH_AES_128_CBC_SHA |
| TLSv1.2 | 0x67 | DHE-RSA-AES128-SHA256 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 |
| TLSv1.2 | 0x9F | DHE-RSA-AES256-GCM-SHA384 | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 |
| TLSv1.2 | 0x39 | DHE-RSA-AES256-SHA | TLS_DHE_RSA_WITH_AES_256_CBC_SHA |
| TLSv1.2 | 0x6B | DHE-RSA-AES256-SHA256 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 |
| TLSv1.2 | 0x45 | DHE-RSA-CAMELLIA128-SHA | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA |
| TLSv1.2 | 0x88 | DHE-RSA-CAMELLIA256-SHA | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA |
| TLSv1.2 | 0xA6 | ADH-AES128-GCM-SHA256 | TLS_DH_anon_WITH_AES_128_GCM_SHA256 |
| TLSv1.2 | 0xA7 | ADH-AES256-GCM-SHA384 | TLS_DH_anon_WITH_AES_256_GCM_SHA384 |
| TLSv1.2 | 0xC012 | ECDHE-RSA-DES-CBC3-SHA | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA |
| TLSv1.2 | 0xA | DES-CBC3-SHA | SSL_CK_DES_192_EDE3_CBC_WITH_SHA |
| TLSv1.2 | 0x16 | DHE-RSA-DES-CBC3-SHA | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA |
| TLSv1.2 | 0x5 | RC4-SHA | TLS_RSA_WITH_RC4_128_SHA |
| TLSv1.2 | 0x010080 | RC4-MD5 | TLS_RSA_WITH_RC4_128_MD5 |
| TLSv1.1 | 0x2F | AES128-SHA | TLS_RSA_WITH_AES_128_CBC_SHA |
| TLSv1.1 | 0x35 | AES256-SHA | TLS_RSA_WITH_AES_256_CBC_SHA |
| TLSv1.1 | 0x41 | CAMELLIA128-SHA | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA |
| TLSv1.1 | 0x84 | CAMELLIA256-SHA | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA |
| TLSv1.1 | 0x33 | DHE-RSA-AES128-SHA | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |
| TLSv1.1 | 0x39 | DHE-RSA-AES256-SHA | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA |
| TLSv1.1 | 0x45 | DHE-RSA-CAMELLIA128-SHA | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA |
| TLSv1.1 | 0x88 | DHE-RSA-CAMELLIA256-SHA | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA |
| TLSv1.1 | 0xC012 | ECDHE-RSA-DES-CBC3-SHA | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA |
| TLSv1.1 | 0xA | DES-CBC3-SHA | TLS_RSA_WITH_3DES_EDE_CBC_SHA |
| TLSv1.1 | 0x16 | DHE-RSA-DES-CBC3-SHA | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA |
| TLSv1.1 | 0x9 | DES-CBC-SHA | TLS_RSA_WITH_DES_CBC_SHA |
| TLSv1.1 | 0x5 | RC4-SHA | TLS_RSA_WITH_RC4_128_SHA |
| TLSv1.1 | 0x4 | RC4-MD5 | TLS_RSA_WITH_RC4_128_MD5 |
| TLSv1.0 | 0x2F | AES128-SHA | TLS_RSA_WITH_AES_128_CBC_SHA |
| TLSv1.0 | 0x35 | AES256-SHA | TLS_RSA_WITH_AES_256_CBC_SHA |
| TLSv1.0 | 0x41 | CAMELLIA128-SHA | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA |
| TLSv1.0 | 0x84 | CAMELLIA256-SHA | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA |
| TLSv1.0 | 0x33 | DHE-RSA-AES128-SHA | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA |
| TLSv1.0 | 0x39 | DHE-RSA-AES256-SHA | TLS_DHE_RSA_WITH_AES_256_CBC_SHA |
| TLSv1.0 | 0x45 | DHE-RSA-CAMELLIA128-SHA | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA |
| TLSv1.0 | 0x88 | DHE-RSA-CAMELLIA256-SHA | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA |
| TLSv1.0 | 0x34 | ADH-AES128-SHA | TLS_DH_anon_WITH_AES_128_CBC_SHA |
| TLSv1.0 | 0x3A | ADH-AES256-SHA | TLS_DH_anon_WITH_AES_256_CBC_SHA |
| TLSv1.0 | 0xC012 | ECDHE-RSA-DES-CBC3-SHA | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA |
| TLSv1.0 | 0xA | DES-CBC3-SHA | TLS_RSA_WITH_3DES_EDE_CBC_SHA |
| TLSv1.0 | 0x16 | DHE-RSA-DES-CBC3-SHA | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA |
| TLSv1.0 | 0x1B | ADH-DES-CBC3-SHA | TLS_DH_anon_WITH_3DES_EDE_CBC_SHA |
| TLSv1.0 | 0x9 | DES-CBC-SHA | TLS_RSA_WITH_DES_CBC_SHA |
| TLSv1.0 | 0x1A | ADH-DES-CBC-SHA | TLS_DH_anon_WITH_DES_CBC_SHA |
| TLSv1.0 | 0x5 | RC4-SHA | TLS_RSA_WITH_RC4_128_SHA |
| TLSv1.0 | 0x4 | RC4-MD5 | TLS_RSA_WITH_RC4_128_MD5 |
| TLSv1.0 | 0x18 | ADH-RC4-MD5 | TLS_DH_anon_WITH_RC4_128_MD5 |
Related Content
- SSL Workflow: How to Upload SSL Certificates, Create SSL Profiles, and Add SSL Profiles to Proxy
- How to Manage Existing SSL Certificates and SSL Profiles
- What is Intermediate SSL Certificate?
- Q&A: What are the SOC Curated Ciphers that Silverline Uses in SSL Profile?
- How To: Request F5 SOC to disable/enable specific SSL cipher suites
- Mapping OpenSSL Suite to IANA - https://testssl.sh/openssl-iana.mapping.html