On initial startup, before any cipher suite preferences have been set, no preferences are shown by sp_ssladmin lscipher.
1> sp_ssladmin lscipher 2> go
Output:
Cipher Suite Name Preference ----------------- ---------- (0 rows affected) (return status = 0)
The following example specifies the set of cipher suites that use FIPS algorithms.
1> sp_ssladmin setcipher, 'FIPS'2> go
A preference of 0 (zero) sp_ssladmin output indicates a cipher suite is not used by Adaptive Server. The other, non-zero numbers, indicate the preference order that Adaptive Server uses the algorithm during the SSL handshake. The client side of the SSL handshake chooses one of these cipher suites that matches its list of accepted cipher suites.
This example uses a quoted list of cipher suites to set preferences in Adaptive Server:
1> sp_ssladmin setcipher, 'TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA' 2> go
| Copyright © 2005. Sybase Inc. All rights reserved. |
|
|
