search cancel

Cipher suite order does not work for listeners ports

book

Article ID: 190700

calendar_today

Updated On:

Products

CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway

Issue/Introduction

When configuring the ciphers suites in the ssl listen port settings, I noticed that the order of the ciphers does not influence the order in which they are presented in an SSL handshake.

This is contrary to what I have read on the docops:

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/security-configuration-in-policy-manager/tasks-menu-security-options/manage-http-options/selecting-cipher-suites.html

 

Environment

Release : 10.0

Component : API GATEWAY

Resolution

This is a known limitation which will be addressed in CR1 for GW 10

Thiss is planned as part of some other works on tls 1.3 and secure ciphers for GW 10 CR1  .