Supported TLS/SSL Versions and Ciphers

IguanaX supports all versions and ciphers in the OpenSSL v3.0 Library.

When setting up an TLS connection, the client offers a list of ciphers and cipher suites it supports, and the server chooses the first one it supports. The versions and ciphers are ordered in a preferred priority so that during the TLS/SSL handshake process, the more secure versions and ciphers are attempted before less secure and efficient ones.

 

Description

Default

 

Description

Default

Version

The Version defines which set of cryptographic algorithms (ciphers and cipher suites) will be attempted during the handshake process between the client and server.

SSLv3, TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3

TLSv1.3 attempted first.

Ciphers

Cipher is an algorithm used to perform encryption or decryption.

ALL:!COMPLEMENTOFDEFAULT:!eNULL

This includes the list of ciphers supported in the OpenSSL v3.0 library, except the ciphers (RC4 and anonymous ciphers) disabled by default and the eNULL ciphers.

Attempted in order of cipher list.

Cipher Suites

Cipher suites are a collection of algorithms that work together to secure a network connection.

TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256

Attempted in order of cipher suite list.

Although not recommended due to security concerns, TLS defaults can be overridden - Overriding TLS Defaults.

 

Â