sysconf tls ciphers

View or modify the list of ciphers that the Luna Network HSM appliance's TLS service negotiates with a contacting entity. This allows you to change the order of the default list, which determines the preference order when TLS is negotiating, or to exclude some of the supported ciphers from the negotiations, if desired. When the Luna Network HSM appliance is negotiating with a Client, the client cipher options are open (but see Note below), and the appliance choices prevail.

NOTE   This feature requires minimum appliance software version 7.2 and client 7.2. See Version Dependencies by Feature for more information.

Syntax

sysconf tls ciphers

reset
set
show

Argument(s) Shortcut Description
reset r Reset to the default ciphers. See sysconf tls ciphers reset.
set se Set the list of ciphers from which TLS can choose when negotiating session security. See sysconf tls ciphers set.
show sh Show the current list of ciphers available for TLS, or export the current settings as a template. See sysconf tls ciphers show.