ITMS 8.x

Response:

The cipher usage depends on the Windows OS version, the later version the more sophisticated algorithms are available.

SMA (Symantec Management Agent) does not select the algorithm set and does not restrict the algorithm's usage, we’re relying on SCHANNEL to select the algorithm, then the client and server negotiate on the algorithm during the SSL handshake. If an algorithm is disabled in the OS then it will not be used by ITMS. You can use IISCrypto (https://www.nartac.com/Products/IISCrypto) to disable or enable the algorithms in the OS or modify the registry where it is configured directly as shown here:

Enabling TLS 1.2 for the ITMS Management Platform Environment

An example of the Windows 10 cipher suites enabled by default and their specified priority by Microsoft's Schannel Provider is shown in:

https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-10-v1903