The cipher suites and relevant protocols are listed when FIPS is in On and Off mode.
Note: It is strongly recommended that you do not use SSL, TLS 1.0, or TLS 1.1 protocols. TLS 1.2 and TLS 1.3 protocols should be considered as cornerstone configurations. Security of some of the cipher suites has degraded over time and as a result, some cipher suites are known to be insecure. Old or outdated cipher suites are often vulnerable to attacks. If they are used, the attacker may intercept or modify data in transit. It is recommended that you use only the following cipher suites:
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
TLS_AES_256_GCM_SHA384 |
TLS_AES_128_GCM_SHA256 |