Ciphers

Many ciphers are available on the TLS connection, which may be negotiated automatically.

Restrictions on the ciphers used however is applied in the software.

Both a blacklist and whitelist are utilized to enable certain ciphers and disable others.

The cipher must be present on the whitelist and not present on the blacklist in order to be included in the permitted cipher list.

If the blacklist is not specified, only the whitelist will be checked.

For best security, a combination of whitelist and blacklist is configured by default.

If the cipher is a match for both the blacklist and whitelist, the cipher will be excluded.

A full list of ciphers permitted will be logged at the time a connection is attempted.