Although the default settings do not need to be changed in almost all cases, you can configure the security protocols and cryptographic algorithms that are used to encrypt communications between clients and the Unified Access Gateway appliance.
The default setting includes cipher suites that use either 128-bit or 256-bit AES encryption, excludes suites that use anonymous DH algorithms, and sorts the suites by strength. By default, TLS v1.2 is enabled. TLS v1.0, TLS v1.1, and SSL v3.0 are disabled.
Prerequisites
- Familiarize yourself with the Unified Access Gateway REST API. The specification for this API is available at the following URL on the virtual machine where Unified Access Gateway is installed: https://access-point-appliance.example.com:9443/rest/swagger.yaml.
- Familiarize yourself with the specific properties for configuring the cipher suites and protocols: cipherSuites, ssl30Disabled, tls10Enabled, tls11Disabled, and tls12Enabled.
Procedure
Results
The cipher suites and protocols that you specified are used.
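Before you submit a custom cipherSuites value, you can check it against the policy that the default setting follows (AES-128 or AES-256 only, no anonymous DH, ordered by strength). The following check is an added example, not part of the product or its documentation; the function name, the sample value, the comma-separated format, and the reading of "sorted by strength" as strongest key size first are assumptions.

```python
import re

# Constructed sample value for the cipherSuites property (assumed to be a
# comma-separated list of standard suite names); not from a real appliance.
SAMPLE = (
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,"
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,"
    "TLS_DH_anon_WITH_AES_128_CBC_SHA,"
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA,"
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
)

# Matches the bulk cipher in TLS 1.2-style names (..._WITH_AES_128_...) and
# in TLS 1.3-style names (TLS_AES_256_...).
AES_RE = re.compile(r"(?:_WITH|^TLS)_AES_(128|256)_")


def audit_cipher_suites(value):
    """Hypothetical helper: return (cleaned_value, findings).

    cleaned_value keeps only AES-128/256 suites without anonymous key
    exchange, strongest key size first. findings lists (suite, reason)
    for every rejected suite and for a list that was out of order.
    """
    accepted, findings = [], []
    for name in filter(None, (s.strip() for s in value.split(","))):
        aes = AES_RE.search(name)
        if "_anon_" in name.lower():
            findings.append((name, "anonymous key exchange"))
        elif aes is None:
            findings.append((name, "not AES-128/AES-256"))
        else:
            accepted.append((int(aes.group(1)), name))
    sizes = [bits for bits, _ in accepted]
    if sizes != sorted(sizes, reverse=True):
        findings.append(("<list>", "not ordered strongest first"))
    # The sort is stable, so the caller's preference within one key size
    # (for example GCM before CBC) is preserved.
    ordered = [n for _, n in sorted(accepted, key=lambda t: -t[0])]
    return ",".join(ordered), findings


if __name__ == "__main__":
    cleaned, problems = audit_cipher_suites(SAMPLE)
    for suite, reason in problems:
        print(f"REJECT {suite}: {reason}")
    print("cipherSuites =", cleaned)
```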