2.1.34. 暗号スイート一覧¶
SSL/TLS Encryption Levelで設定される暗号スイートは、以下のとおりです。
- High
- High/medium SSL/TLS encryption levelsの一覧に記載された暗号スイートが設定されます。
- Medium
- High/medium SSL/TLS encryption levelsとMedium-only SSL/TLS encryption levelsの一覧に記載された暗号スイートが設定されます。
- Custom
- High/medium SSL/TLS encryption levelsとMedium-only SSL/TLS encryption levelsの一覧に記載された暗号スイートからお客様が選択したものが設定されます。ただし”(注)”と記載された暗号スイートはCustomでは対象外となります。
High/medium SSL/TLS encryption levels
| Cipher | Managed UTM 表示名 | TLS 1.3 | TLS 1.2 |
|---|---|---|---|
| TLS_AES_128_GCM_SHA256 | TLS-AES-128-GCM-SHA256 | Yes | |
| TLS_AES_256_GCM_SHA384 | TLS-AES-256-GCM-SHA384 | Yes | |
| TLS_CHACHA20_POLY1305_SHA256 | TLS-CHACHA20-POLY1305-SHA256 | Yes | |
| ECDHE-RSA-CHACHA20-POLY1305 | TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 | Yes | |
| ECDHE-ECDSA-CHACHA20-POLY1305 | TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 | Yes | |
| DHE-RSA-CHACHA20-POLY1305 | TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 | Yes | |
| DHE-RSA-AES128-SHA | TLS-DHE-RSA-WITH-AES-128-CBC-SHA | Yes | |
| DHE-RSA-AES256-SHA | TLS-DHE-RSA-WITH-AES-256-CBC-SHA | Yes | |
| DHE-RSA-AES128-SHA256 | TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 | Yes | |
| DHE-RSA-AES128-GCM-SHA256 | TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 | Yes | |
| DHE-RSA-AES256-SHA256 | TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 | Yes | |
| DHE-RSA-AES256-GCM-SHA384 | TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 | Yes | |
| DHE-DSS-AES128-SHA | TLS-DHE-DSS-WITH-AES-128-CBC-SHA(注) | Yes | |
| DHE-DSS-AES256-SHA | TLS-DHE-DSS-WITH-AES-256-CBC-SHA (注) | Yes | |
| DHE-DSS-AES128-SHA256 | TLS-DHE-DSS-WITH-AES-128-CBC-SHA256 | Yes | |
| DHE-DSS-AES128-GCM-SHA256 | TLS-DHE-DSS-WITH-AES-128-GCM-SHA256 | Yes | |
| DHE-DSS-AES256-SHA256 | TLS-DHE-DSS-WITH-AES-256-CBC-SHA256 | Yes | |
| DHE-DSS-AES256-GCM-SHA384 | TLS-DHE-DSS-WITH-AES-256-GCM-SHA384 | Yes | |
| ECDHE-RSA-AES128-SHA | TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA | Yes | |
| ECDHE-RSA-AES128-SHA256 | TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 | Yes | |
| ECDHE-RSA-AES128-GCM-SHA256 | TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 | Yes | |
| ECDHE-RSA-AES256-SHA | TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA | Yes | |
| ECDHE-RSA-AES256-SHA384 | TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 | Yes | |
| ECDHE-RSA-AES256-GCM-SHA384 | TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 | Yes | |
| ECDHE-ECDSA-AES128-SHA | TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA | Yes | |
| ECDHE-ECDSA-AES128-SHA256 | TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 | Yes | |
| ECDHE-ECDSA-AES128-GCM-SHA256 | TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 | Yes | |
| ECDHE-ECDSA-AES256-SHA | TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA (注) | Yes | |
| ECDHE-ECDSA-AES256-SHA384 | TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 | Yes | |
| ECDHE-ECDSA-AES256-GCM-SHA384 | TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 | Yes | |
| DHE-RSA-CAMELLIA128-SHA | TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA | Yes | |
| DHE-DSS-CAMELLIA128-SHA | TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA | Yes | |
| DHE-RSA-CAMELLIA256-SHA | TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA | Yes | |
| DHE-DSS-CAMELLIA256-SHA | TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA | Yes | |
| DHE-RSA-CAMELLIA128-SHA256 | TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 | Yes | |
| DHE-DSS-CAMELLIA128-SHA256 | TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256 | Yes | |
| DHE-RSA-CAMELLIA256-SHA256 | TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 | Yes | |
| DHE-DSS-CAMELLIA256-SHA256 | TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256 | Yes |
(注)Customでは選べません。
Medium-only SSL/TLS encryption levels
| Cipher | Managed UTM 表示名 | TLS 1.3 | TLS 1.2 |
|---|---|---|---|
| AES128-SHA | TLS-RSA-WITH-AES-128-CBC-SHA | Yes | |
| AES256-SHA | TLS-RSA-WITH-AES-256-CBC-SHA | Yes | |
| AES128-SHA256 | TLS-RSA-WITH-AES-128-CBC-SHA256 | Yes | |
| AES128-GCM-SHA256 | TLS-RSA-WITH-AES-128-GCM-SHA256 | Yes | |
| AES256-SHA256 | TLS-RSA-WITH-AES-256-CBC-SHA256 | Yes | |
| AES256-GCM-SHA384 | TLS-RSA-WITH-AES-256-GCM-SHA384 | Yes | |
| CAMELLIA128-SHA | TLS-RSA-WITH-CAMELLIA-128-CBC-SHA | Yes | |
| CAMELLIA256-SHA | TLS-RSA-WITH-CAMELLIA-256-CBC-SHA | Yes | |
| CAMELLIA128-SHA256 | TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 | Yes | |
| CAMELLIA256-SHA256 | TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 | Yes |