Specifications
3-750
Cisco Wide Area Application Services Command Reference
OL-21611-01
Chapter 3 CLI Commands
(config-cipher-list) cipher
(config-cipher-list) cipher
To add a cipher suite to a cipher list, or to change the priority of a cipher suite on the list, use the cipher
command.
cipher cipher-suite-name [priority value]
Syntax Description
Defaults No default behavior or values.
Command Modes cipher list configuration
Device Modes application-accelerator
central-manager
Usage Guidelines The SSL protocol supports a variety of different cryptographic algorithms, or ciphers, for use in
operations such as authenticating the server and client to each other, transmitting certificates, and
establishing session keys. Clients and servers may support different cipher suites, or sets of ciphers,
depending on various factors such as the version of SSL they support, company policies regarding
acceptable encryption strength, and government restrictions on export of SSL-enabled software. Among
its other functions, the SSL handshake protocol determines how the server and client negotiate which
cipher suites they will use to authenticate each other to transmit certificates and to establish session keys.
cipher-suite-name The name of the cipher suite you want to add or reprioritize. Type
any of the following strings:
dhe-rsa-with-3des-ede-cbc-sha
dhe-rsa-with-aes-128-cbc-sha
dhe-rsa-with-aes-256-cbc-sha
dhe-rsa-with-des-cbc-sha
rsa-with-3des-ede-cbc-sha
rsa-with-aes-128-cbc-sha
rsa-with-aes-256-cbc-sha
rsa-with-des-cbc-sha
rsa-with-rc4-128-md5
rsa-with-rc4-128-sha
If you are establishing an SSL connection to a Microsoft IIS server,
do not select a DHE-based cipher suite.
priority value The priority of the cipher suite in relation to other suites in the list.
The priority value is from 1 to 15 (15 is the highest).