Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

custom-ciphers

Syntax

Hierarchy Level

Description

Configure custom cipher for an SSL profile.

Custom ciphers allow you to define your own cipher list. If you do not want to use one of the three categories (strong, medium, or week) of preferred ciphers, you can select ciphers from each of the categories to form a custom cipher set.

To configure custom ciphers, you must set preferred-ciphers to custom. See preferred-ciphers for more details.

Options

ecdhe-rsa-with-3des-ede-cbc-sha

ECDHE/RSA, 3 DES EDE/CBC, SHA hash

ecdhe-rsa-with-aes-128-cbc-sha

ECDHE/RSA, 128-bit AES/CBC, SHA hash

ecdhe-rsa-with-aes-128-cbc-sha256

ECDHE/RSA, 128-bit AES/CBC, SHA256 hash

ecdhe-rsa-with-aes-128-gcm-sha256

ECDHE/RSA, 128-bit AES/GCM, SHA256 hash

ecdhe-rsa-with-aes-256-cbc-sha

ECDHE/RSA, 256-bit AES/CBC, SHA hash

ecdhe-rsa-with-aes-256-cbc-sha384

ECDHE/RSA, 256-bit AES/CBC, SHA384 hash

ecdhe-rsa-with-aes-256-gcm-sha384

ECDHE/RSA, 256-bit AES/GCM, SHA384 hash

rsa-export-with-des40-cbc-sha

RSA-export, 40-bit DES/CBC, SHA hash

rsa-export-with-rc4-40-md5

RSA-export, 40-bit RC4, MD5 hash

rsa-export1024-with-des-cbc-sha

RSA 1024-bit export, DES/CBC, SHA hash

rsa-export1024-with-rc4-56-md5

RSA 1024-bit export, 56 bit RC4, MD5 hash

rsa-export1024-with-rc4-56-sha

RSA 1024-bit export, 56 bit RC4, SHA hash

rsa-with-3des-ede-cbc-sha

RSA, 3DES EDE/CBC, SHA hash

rsa-with-aes-128-cbc-sha

RSA, 128-bit AES/CBC, SHA hash

rsa-with-aes-128-cbc-sha256

RSA, 128-bit AES/CBC, SHA256 hash

rsa-with-aes-128-gcm-sha256

RSA, 128-bit AES/GCM, SHA256 hash

rsa-with-aes-256-cbc-sha

RSA, 256-bit AES/CBC, SHA hash

rsa-with-aes-256-cbc-sha256

RSA, 256-bit AES/CBC, SHA256 hash

rsa-with-aes-256-gcm-sha384

RSA, 256-bit AES/GCM, SHA384 hash

rsa-with-des-cbc-sha

RSA, DES CBC, SHA hash

rsa-with-null-md5

RSA, no symmetric cipher, MD5 hash

rsa-with-null-sha

RSA, no symmetric cipher, SHA hash

rsa-with-rc4-128-md5

RSA, 128-bit RC4, MD5 hash

rsa-with-rc4-128-sha

RSA, 128-bit RC4, SHA hash

ecdhe-ecdsa-with-aes-256-gcm-sha384

ECDHE,ECDSA, 256 bit aes/gcm, sha384 hash

ecdhe-ecdsa-with-aes-256-cbc-sha384

ECDHE,ECDSA, 256 bit aes/cbc, sha384 hash

ecdhe-ecdsa-with-aes-256-cbc-sha

ECDHE,ECDSA, 256 bit aes/cbc, sha hash

ecdhe-ecdsa-with-aes-128-gcm-sha256

ECDHE,ECDSA, 128 bit aes/gcm, sha256 hash

ecdhe-ecdsa-with-aes-128-cbc-sha256

ECDHE,ECDSA, 128 bit aes/cbc, sha256 hash

ecdhe-ecdsa-with-aes-128-cbc-sha

ECDHE,ECDSA, 128 bit aes/cbc, sha hash

ecdhe-ecdsa-with-3des-ede-cbc-sha

ECDHE,ECDSA, 3des ede/cbc, sha hash

Required Privilege Level

services—To view this statement in the configuration.

services-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 12.1X44-D10.

This statement is supported in the SRX340, SRX345, SRX380, SRX550M, SRX1500, SRX4100, SRX4200, SRX5400, SRX5600, and SRX5800 devices and vSRX instances. Options to support Elliptic Curve Digital Signature Algorithm (ECDSA) added in Junos OS Release 18.3R1.