Filter
Top Products
40-2
Cisco ASDM User Guide
OL-16647-01
Chapter 40 Configuring SSL Settings
SSL
Options for Client SSL versions include the following:
• Encryption—Lets you set SSL encryption algorithms.
–
Available Algorithms—Lists the encryption algorithms the security appliance supports that are
not in use for SSL connections. To use, or make active, an available algorithm, highlight the
algorithm and click Add.
–
Active Algorithms—Lists the encryption algorithms the security appliance supports and is
currently using for SSL connections. To discontinue using, or change an active algorithm to
available status, highlight the algorithm and click Remove.
–
Add/Remove—Click to change the status of encryption algorithms in either the Available or
Active Algorithms columns.
–
Move Up/Move Down—Highlight an algorithm and click these buttons to change its priority.
The security appliance attempts to use an algorithm
• Certificates—Lets you select a fallback certificate, and displays configured interfaces and the
configured certificates associated with them.
–
Fallback Certificate—Click to select a certificate to use for interfaces that have no certificate
associated with them. If you select None, the security appliance uses the default RSA key-pair
and certificate.
–
Interface and ID Certificate columns—Display configured interfaces and the certificate, if
any, for the interface.
–
Edit—Click to change the trustpoint for the highlighted interface.
• Apply—Click to apply your changes.
• Reset—Click to remove changes you have made and reset SSL parameters to the values that they
held when you opened the window.
Modes
The following table shows the modes in which this feature is available:
Edit SSL Certificate
Fields
• Interface—Displays the name of the interface you are editing.
any The security appliance sends SSL version3 hellos, and negotiates either
SSL version 3 or TLS version 1.
sslv3-only The security appliance sends SSL version 3 hellos, and accepts only SSL
version 3.
tlsv1-only The security appliance sends TLSv1 client hellos, and accepts only TLS
version 1.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• • • •—