Support
Sök bland vanliga frågor (FAQ)
FAQ000273041
Hur kan vi hjälpa dig idag?

How to change the Cipher Suites of an NMC3?

Question :

How to change the Cipher Suites of an NMC3

Product Line / Environment :

Network Management Card 3 – AP9640/AP9641/ AP9643 and/or  Devices with an embedded Network Management Card 3

Answer :

Users may need to adjust the list of SSL/TLS ciphers in use for NMC web access on the NMC, to comply with local security policies, changes in browser compatibility, or to reflect ever-changing best practices.

The option to enable disable Cipher Suites In NMC3 is only accessible via Console or Command line via FTP , SSH or Terminal Emulator (i.e. Putty, TeraTerm) through a USB Connection. Please refer to the Command Line Interface Guide for Network Management Card 3 for details on how to connect via console.

The  command to be used is web with the -cs (meaning Cipher Suite) option. The syntax  would  be "web -cs <level>" specifying the level changes  the tier level of cipher suite that will be used. Value range of 0-4.   Omitting  level value displays current setting.

NOTE: The -cs option is only applied when minimum protocol is set to TLS v1.2 using the -mp option.

Here are the list of what Ciphers are allowed depending on the security level:

apc>web -cs 4

TLS1.2 Cipher Suite Filter:   4

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

apc>web -cs 3

TLS1.2 Cipher Suite Filter:   3

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

apc>web -cs 2

TLS1.2 Cipher Suite Filter:   2

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

apc>web -cs 1

TLS1.2 Cipher Suite Filter:   1

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

TLS_RSA_WITH_AES_128_CBC_SHA256

TLS_RSA_WITH_AES_256_CBC_SHA256

TLS_RSA_WITH_AES_128_CBC_SHA

TLS_RSA_WITH_AES_256_CBC_SHA

apc>web -cs 0

TLS1.2 Cipher Suite Filter:   0

Accepted Cipher Suites:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

TLS_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

TLS_RSA_WITH_AES_128_CBC_SHA256

TLS_RSA_WITH_AES_256_CBC_SHA256

TLS_RSA_WITH_AES_128_CBC_SHA

TLS_RSA_WITH_AES_256_CBC_SHA

SSL_RSA_WITH_3DES_EDE_CBC_SHA

Screen shot of the Command Line using Putty to Show how the web -cs command is used

Figure 1. Screen shot of  the  Command Line using Putty to Show how the web -cs command is used

For NMC2 Cards Please  Follow FA359198

Should there be any other questions, feel free to reach out to us at 800-800-4272 or our chat support group at APC by Schneider Electric Customer Technical Support

Publicerad för: Schneider Electric Sverige

Behöver du hjälp?

Behöver du hjälp?

Produktväljare

Produktväljare

Hitta snabbt och enkelt rätt produkter och tillbehör för dina ändamål.

Begär en offert

Begär en offert

Ställ din fråga online så kontaktar vi dig.

Här köper du

Här köper du

Hitta enkelt närmaste Schneider Electric-distributör på din ort.

Hjälpcenter

Hjälpcenter

Hitta alla supportresurser som du behöver på ett ställe.

  • Produktdokumentation
  • Ladda ner programvara
  • Produktväljare
  • Byt ut eller ersätt produkt
  • Hjälp- och kontaktcenter
  • Här köper du
  • Begär en offert
  • Hitta våra kontor
  • Shop.se.com/se/sv nedstängning
  • Schneider Electrics community
  • Karriär
  • Företagsprofil
  • Rapportera ett tjänstefel
  • Tillgänglighet
  • Pressrum
  • Investerare
  • EcoStruxure
  • Sök jobb
  • Blogg
  • Sekretesspolicy
  • Cookie-information
  • Användarvillkor
  • Change your cookie settings