webserver ciphers set
Sets REST API server ciphers suite.
User Privileges
Users with the following privileges can perform this command:
>Admin
Syntax
webserver ciphers set -list <cipher_list> [-tls1_2] [-tls1_3] [-restart] [-force]
| Argument(s) | Shortcut | Description |
|---|---|---|
| -list <cipher_list> | -l | Colon-separated list of ciphers. To allow all ciphers, set -list all. |
| -force | -f | Force the action without prompting. |
| -restart | -r | Restart the webserver service automatically. Otherwise, the administrator must restart the REST API service by running service restart webserver. This option is deprecated and has been removed in Luna Appliance Software 7.8.4 and newer. In newer versions, the service is always restarted automatically. |
| -tls1_2 | -tls1_2 | Specify this option with -list all to set all TLS 1.2 ciphers. Requires Luna Appliance Software 7.8.4 or newer. |
| -tls1_3 | -tls1_3 | Specify this option with -list all to set all TLS 1.3 ciphers. Requires Luna Appliance Software 7.8.4 or newer. |
Examples
lunash:>webserver ciphers set -list TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256
This operation will set the webserver cipher(s) to use the following cipher(s):
Configured Ciphers
--------------------------------------------------
TLS_AES_256_GCM_SHA384
TLS_AES_128_GCM_SHA256
This operation will restart the webserver service.
Type 'proceed' to set webserver cipher(s) and restart the webserver service, or 'quit'
to quit now. > proceed
Command Result : 0 (Success)
lunash:>webserver ciphers set -list all -tls1_3
This operation will set the TLS1.3 cipher(s) for webserver.
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_GCM_SHA256
This operation will restart the webserver service.
Type 'proceed' to set webserver cipher(s) and restart the webserver service, or 'quit'
to quit now. > proceed
Command Result : 0 (Success)
lunash:>webserver ciphers set -list all -tls1_2 -force This operation will set the TLS1.2 cipher(s) for webserver. ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES256-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA256 AES256-GCM-SHA384 AES128-GCM-SHA256 AES256-SHA256 AES128-SHA256 This operation will restart the webserver service. Force option used. Proceed prompt bypassed. Command Result : 0 (Success)
