Old Algorithms Removed

This topic lists which algorithms were removed from EFT and which are the default.

The following algorithms were removed/ desupported in v8.0.5:

TLS_AES_256_GCM_SHA384

TLS_CHACHA20_POLY1305_SHA256

TLS_AES_128_GCM_SHA256

ECDHE-ECDSA-CHACHA20-POLY1305

ECDHE-RSA-CHACHA20-POLY1305

DHE-RSA-CHACHA20-POLY1305

ECDHE-ECDSA-AES256-CCM8

AES256-CCM8

ECDHE-ECDSA-AES256-CCM

DHE-RSA-AES256-CCM

AES256-CCM

ECDHE-ECDSA-ARIA256-GCM-SHA384

ECDHE-ARIA256-GCM-SHA384

DHE-RSA-ARIA256-GCM-SHA384

DHE-DSS-ARIA256-GCM-SHA384

ARIA256-GCM-SHA384

ECDHE-ECDSA-AES128-CCM8

DHE-RSA-AES128-CCM8

AES128-CCM8

ECDHE-ECDSA-AES128-CCM

DHE-RSA-AES128-CCM

AES128-CCM

ECDHE-ECDSA-ARIA128-GCM-SHA256

ECDHE-ARIA128-GCM-SHA256

DHE-RSA-ARIA128-GCM-SHA256

DHE-DSS-ARIA128-GCM-SHA256

ARIA128-GCM-SHA256

ECDHE-ECDSA-CAMELLIA256-SHA384

ECDHE-RSA-CAMELLIA256-SHA384

DHE-RSA-CAMELLIA256-SHA256

DHE-DSS-CAMELLIA256-SHA256

ADH-CAMELLIA256-SHA256

CAMELLIA256-SHA256

ECDHE-RSA-CAMELLIA128-SHA256

DHE-RSA-CAMELLIA128-SHA256

DHE-DSS-CAMELLIA128-SHA256

ADH-CAMELLIA128-SHA256

CAMELLIA128-SHA256

DHE-RSA-DES-CBC3-SHA

DHE-DSS-DES-CBC3-SHA

DHE-RSA-AES256-CCM8

ECDHE-ECDSA-CAMELLIA128-SHA256

 

The following 25 ciphers are enabled by default:

TLS_AES_256_GCM_SHA384

ECDHE-ECDSA-AES256-GCM-SHA384

ECDHE-RSA-AES256-GCM-SHA384

AES256-GCM-SHA384

TLS_CHACHA20_POLY1305_SHA256

ECDHE-ECDSA-CHACHA20-POLY1305

ECDHE-RSA-CHACHA20-POLY1305

TLS_AES_128_GCM_SHA256

ECDHE-ECDSA-AES128-GCM-SHA256

ECDHE-RSA-AES128-GCM-SHA256

AES128-GCM-SHA256

ECDHE-ECDSA-AES256-CCM8

AES256-CCM8

ECDHE-ECDSA-AES256-CCM

AES256-CCM

ECDHE-ECDSA-AES128-CCM8

AES128-CCM8

ECDHE-ECDSA-AES128-CCM

AES128-CCM

ECDHE-ECDSA-AES256-SHA384

ECDHE-RSA-AES256-SHA384

AES256-SHA256

ECDHE-ECDSA-AES128-SHA256

ECDHE-RSA-AES128-SHA256

AES128-SHA256​

Default Settings for SSL TLS:

FIPS mode was unchanged: