TLS_Ciphersuites
specifies which subset
of TLSv1.3 cipher suites is permissible for a connection. The parameter
format is documented in OpenSSL manual for
SSL_CTX_set_ciphersuites()
API function. For example:
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
.
Usually there is no need to set this parameter. There is no default and
the system default is used.
# This cipher suite is mandatory for TLSv1.3
TLS_Ciphersuites TLS_AES_128_GCM_SHA256
This parameter affects
only TLSv1.3. For the respective parameter for TLSv1.2 and earlier TLS
versions versions, see
Section 3.11.9. TLS_Ciphers