CA Embedded Entitlements Manager: Available ciphers for the new cipherlist tag
search cancel

CA Embedded Entitlements Manager: Available ciphers for the new cipherlist tag

book

Article ID: 46312

calendar_today

Updated On:

Products

Email

Issue/Introduction

The TLS protocol 1.1 or 1.2 can be specified for EEM, also together with several ciphers of choice.

Environment

Release:
Component: ETEIAM 12.6.x

Resolution

The protocol and ciphers are controlled in the igateway.conf file located here:

%IGW_LOC%  or  $IGW_LOC

To set the TLS protocol, search in the file for the word "secureProtocol" and modify that line as follows:

<secureProtocol>TLSV1_1</secureProtocol>

or

<secureProtocol>TLSV1_2</secureProtocol>

 

Next, search the file for the word "cipherlist" and modify that line as follows:

<cipherlist></cipherlist>    

 

Example: 

<cipherlist>-ALL:HIGH:MEDIUM:!RC4</cipherlist>   

The list of supported ciphers for EEM are:

DHE-RSA-AES256-SHA
DHE-DSS-AES256-SHA
AES256-SHA
EDH-RSA-DES-CBC3-SHA
EDH-DSS-DES-CBC3-SHA
DES-CBC3-SHA
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA
AES128-SHA
RC4-SHA
RC4-MD5  
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256

Changes to the igateway.conf file require a restart of igateway. 

Additional Information

Settings are only valid for EEM version 12.6.x