SSLProxyCipherSuite Directive

Specifies the SSL cipher suite that the proxy can use during the SSL handshake. This directive uses a colon-separated cipher specification string to identify the cipher suite. Table G-1 shows the tags to use in the string to describe the cipher suite you want. SSLProxyCipherSuite accepts the following values:

none: Adds the cipher to the list
+ : Adds the cipher to the list and places it in the correct location in the list
- : Removes the cipher from the list (which can be added later)
! : Removes the cipher from the list permanently

Tags are joined with prefixes to form a cipher specification string. Tags are joined together with prefixes to form a cipher specification string. The SSLProxyCipherSuite directive uses the same tags as the SSLCipherSuite directive. For a list of supported suite tags, see Table G-1.

Category Value

Category	Value
Example	`SSLProxyCipherSuite` ALL:!MD5 In this example, all ciphers are specified except MD5 strength ciphers.
Syntax	`SSLProxyCipherSuite` `cipher-spec`
Default	ALL:!ADH:+HIGH:+MEDIUM

Example

SSLProxyCipherSuite ALL:!MD5

In this example, all ciphers are specified except MD5 strength ciphers.

Syntax

SSLProxyCipherSuite cipher-spec

Default

ALL:!ADH:+HIGH:+MEDIUM

The SSLProxyCipherSuite directive uses the same cipher suites as the SSLCipherSuite directive. For a list of the Cipher Suites supported in Oracle Advanced Security 12.2.1, see Table G-2.