ID #1146

How do I change the cipher list CMDaemon negotiates with clients?

Can I change the cipher list that CMDaemon will negotiate with clients?


Yes, this is possible in Bright 6.x with a CMDaemon revision >=17802.

To set the cipher list, the following AdvancedConfig option should be placed in /cm/local/apps/cmd/etc/cmd.conf:

AdvancedConfig = { "CipherList=HIGH" }

Note that if an AdvancedConfig section already exists in the cmd.conf, the CipherList option should be merged into the existing AdvancedConfig section (using commas as separation characters).

For more information about what ciphers are included in a given cipher list, use for example the following command:

openssl ciphers -v HIGH:SHA

Tags: -

Related entries:

You can comment this FAQ