Crypto-agility configuration for CDS Client is described below.

Server

  • CipherList and SSL protocol for the server is stored in DB.
  • The policy names are agentupdate.cipherList and agentupdate.sslProtocol. Default value of these policies is ECDHE-RSA-AES256-GCM-SHA384 and TLS_V1_2, respectively.
  • This can be updated from the policy configuration in the Service Center for each tenant.