Our Brands

Welcome to the Schneider Electric Website

Welcome to our website.
Support
Search FAQs
FAQ000273041
How can we help you today?
How to change the Cipher Suites of an NMC3?

Question :

How to change the Cipher Suites of an NMC3

Product Line / Environment :

Network Management Card 3 – AP9640/AP9641/ AP9643 and/or  Devices with an embedded Network Management Card 3

Answer :

Users may need to adjust the list of SSL/TLS ciphers in use for NMC web access on the NMC, to comply with local security policies, changes in browser compatibility, or to reflect ever-changing best practices.

The option to enable disable Cipher Suites In NMC3 is only accessible via Console or Command line via FTP , SSH or Terminal Emulator (i.e. Putty, TeraTerm) through a USB Connection. Please refer to the Command Line Interface Guide for Network Management Card 3 for details on how to connect via console.

The  command to be used is web with the -cs (meaning Cipher Suite) option. The syntax  would  be "web -cs <level>" specifying the level changes  the tier level of cipher suite that will be used. Value range of 0-4.   Omitting  level value displays current setting.

NOTE: The -cs option is only applied when minimum protocol is set to TLS v1.2 using the -mp option.

Here are the list of what Ciphers are allowed depending on the security level:

apc>web -cs 4

TLS1.2 Cipher Suite Filter:   4

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

apc>web -cs 3

TLS1.2 Cipher Suite Filter:   3

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

apc>web -cs 2

TLS1.2 Cipher Suite Filter:   2

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

apc>web -cs 1

TLS1.2 Cipher Suite Filter:   1

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

TLS_RSA_WITH_AES_128_CBC_SHA256

TLS_RSA_WITH_AES_256_CBC_SHA256

TLS_RSA_WITH_AES_128_CBC_SHA

TLS_RSA_WITH_AES_256_CBC_SHA

apc>web -cs 0

TLS1.2 Cipher Suite Filter:   0

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

TLS_RSA_WITH_AES_128_CBC_SHA256

TLS_RSA_WITH_AES_256_CBC_SHA256

TLS_RSA_WITH_AES_128_CBC_SHA

TLS_RSA_WITH_AES_256_CBC_SHA

SSL_RSA_WITH_3DES_EDE_CBC_SHA

Screen shot of the Command Line using Putty to Show how the web -cs command is used

Figure 1. Screen shot of  the  Command Line using Putty to Show how the web -cs command is used

For NMC2 Cards Please  Follow FA359198 https://www.apc.com/us/en/faqs/FA359198/

Should there be any other questions, feel free to reach out to us at 800-800-4272 or our chat support group at APC by Schneider Electric Customer Technical Support

Released for: Schneider Electric Hong Kong
Users group

Discuss this topic with experts

Visit our Community for first-hand insights from experts and peers on this topic and more.

Need help?

  • Start here!

    Find answers now. Search for a solution on your own, or connect with one of our experts.

  • Contact Support

    Reach out to our customer care team to receive more information, technical support, assistance with complaints and more.

  • Where to buy?

    Easily find the nearest Schneider Electric distributor in your location.

  • Search FAQs

    Search topic-related frequently asked questions to find answers you need.

  • Contact Sales

    Start your sales enquiry online and an expert will connect with you.

I'd like to receive news and commercial info from Schneider Electric and its affiliates via electronic communication means such as email, and I agree to the collection of information on the opening and clicks on these emails (using invisible pixels in the images), to measure performance of Schneider Electric's communications and to improve them. For more details, please read our Privacy Policy.
  • Products Documentation
  • Software Downloads
  • Product Selector
  • Product Substitution and Replacement
  • Help and Contact centre
  • Find our Offices
  • Get a Quote
  • Where to buy
  • Careers
  • Company Profile
  • Report a misconduct
  • Accessibility
  • Newsroom
  • Investors
  • EcoStruxure
  • Job Search
  • Blog
  • Privacy Policy
  • Cookie Notice
  • Terms of use
  • Change your cookie settings
Your browser is out of date and has known security issues.

It also may not display all features of this website or other websites.

Please upgrade your browser to access all of the features of this website.

Latest version for Google Chrome, Mozilla Firefox or Microsoft Edgeis recommended for optimal functionality.