Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
555
Views
9
Helpful
2
Replies

CSS/SSL termination - cypher negotiation Q

a.gesse
Level 1
Level 1

‎11-08-2006 06:45 AM

Hi everyone

question regarding SSL termination on CSS/SSL module.

I have several several cyphers in my ssl-proxy list,

What is the algorithm to choose the cypher ?

I may assume that CSS and browser negotiate it during SSL session establishing.

The testing shows that same browser gets different cyphers when it hits

different CSSs (cyphers are in the same order in proxy-lists on CSSs)

Thanks

Alex

Labels:
0 Helpful
2 Replies 2

Gilles Dufour
Cisco Employee
Cisco Employee

‎11-09-2006 12:28 AM

Alex,

it's not really an algorithm.

The browser selects the first cipher that matches its requirements in the list presented by the server/CSS.

The CSS builds a list in the order of weight.

If you did not specify any weight, the list can be random depending in which order you entered the command.

I would say, if you want a specific cipher to be selected, use a highest weight for this cipher.

Gilles.

a.gesse
Level 1
Level 1
In response to Gilles Dufour

‎11-09-2006 06:56 AM

Thanks Gilles,

this is exactly what I am looking for,

I missed it in docs

regards,

Alex

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card