When connecting with Rebex HTTPS, you can choose from a number of security algorithms and standards.
Cipher ID |
Certificate Key Algorithm |
Key Exchange Algorithm |
Encryption Algorithm |
MAC Alg. |
Security |
RSA_WITH_AES_128_GCM_SHA256 |
RSA |
RSA |
AES in GCM mode |
AEAD |
Secure |
RSA_WITH_AES_256_GCM_SHA384 |
AES in GCM mode |
AEAD |
Secure |
RSA_WITH_AES_128_CBC_SHA256 |
AES in CBC mode |
SHA-256 |
Secure |
RSA_WITH_AES_256_CBC_SHA256 |
AES in CBC mode |
SHA-256 |
Secure |
RSA_EXPORT_WITH_RC4_40_MD5 |
RC4 |
MD5 |
Vulnerable |
RSA_WITH_RC4_128_MD5 |
RC4 |
MD5 |
Vulnerable |
RSA_WITH_RC4_128_SHA |
RC4 |
SHA-1 |
Vulnerable |
RSA_EXPORT_WITH_RC2_CBC_40_MD5 |
RC2 in CBC mode |
MD5 |
Vulnerable |
RSA_EXPORT_WITH_DES40_CBC_SHA |
DES in CBC mode |
SHA-1 |
Vulnerable |
RSA_WITH_DES_CBC_SHA |
DES in CBC mode |
SHA-1 |
Vulnerable |
RSA_WITH_3DES_EDE_CBC_SHA |
TripleDES in CBC mode |
SHA-1 |
Weak |
RSA_EXPORT1024_WITH_DES_CBC_SHA |
DES in CBC mode |
SHA-1 |
Vulnerable |
RSA_EXPORT1024_WITH_RC4_56_SHA |
RC4 |
SHA-1 |
Vulnerable |
RSA_WITH_AES_128_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
RSA_WITH_AES_256_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
RSA |
Elliptic Curve Diffie-Hellman |
AES in GCM mode |
AEAD |
Secure |
ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
AES in GCM mode |
AEAD |
Secure |
ECDHE_RSA_WITH_AES_128_CBC_SHA256 |
AES in CBC mode |
SHA-256 |
Secure |
ECDHE_RSA_WITH_AES_256_CBC_SHA384 |
AES in CBC mode |
SHA-384 |
Secure |
ECDHE_RSA_WITH_AES_128_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
ECDHE_RSA_WITH_AES_256_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
ECDHE_RSA_WITH_3DES_EDE_CBC_SHA |
TripleDES in CBC mode |
SHA-1 |
Weak |
ECDHE_RSA_WITH_RC4_128_SHA |
RC4 |
SHA-1 |
Vulnerable |
ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
Elliptic Curve DSA |
Elliptic Curve Diffie-Hellman |
AES in GCM mode |
AEAD |
Secure |
ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
AES in GCM mode |
AEAD |
Secure |
ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |
AES in CBC mode |
SHA-256 |
Secure |
ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 |
AES in CBC mode |
SHA-384 |
Secure |
ECDHE_ECDSA_WITH_AES_128_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
ECDHE_ECDSA_WITH_AES_256_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA |
TripleDES in CBC mode |
SHA-1 |
Weak |
ECDHE_ECDSA_WITH_RC4_128_SHA |
RC4 |
SHA-1 |
Vulnerable |
DHE_RSA_WITH_AES_128_GCM_SHA256 |
RSA |
Diffie-Hellman |
AES in GCM mode |
AEAD |
Secure |
DHE_RSA_WITH_AES_256_GCM_SHA384 |
AES in GCM mode |
AEAD |
Secure |
DHE_RSA_WITH_AES_128_CBC_SHA256 |
AES in CBC mode |
SHA-256 |
Secure |
DHE_RSA_WITH_AES_256_CBC_SHA256 |
AES in CBC mode |
SHA-256 |
Secure |
DHE_RSA_EXPORT_WITH_DES40_CBC_SHA |
DES in CBC mode |
SHA-1 |
Vulnerable |
DHE_RSA_WITH_DES_CBC_SHA |
DES in CBC mode |
SHA-1 |
Vulnerable |
DHE_RSA_WITH_3DES_EDE_CBC_SHA |
TripleDES in CBC mode |
SHA-1 |
Weak |
DHE_RSA_WITH_AES_128_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
DHE_RSA_WITH_AES_256_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
DHE_DSS_WITH_AES_128_GCM_SHA256 |
DSS |
Diffie-Hellman |
AES in GCM mode |
AEAD |
Secure |
DHE_DSS_WITH_AES_256_GCM_SHA384 |
AES in GCM mode |
AEAD |
Secure |
DHE_DSS_WITH_AES_128_CBC_SHA256 |
AES in CBC mode |
SHA-256 |
Secure |
DHE_DSS_WITH_AES_256_CBC_SHA256 |
AES in CBC mode |
SHA-256 |
Secure |
DHE_DSS_EXPORT_WITH_DES40_CBC_SHA |
DES in CBC mode |
SHA-1 |
Vulnerable |
DHE_DSS_WITH_DES_CBC_SHA |
DES in CBC mode |
SHA-1 |
Vulnerable |
DHE_DSS_WITH_3DES_EDE_CBC_SHA |
TripleDES in CBC mode |
SHA-1 |
Weak |
DHE_DSS_WITH_AES_128_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
DHE_DSS_WITH_AES_256_CBC_SHA |
AES in CBC mode |
SHA-1 |
Weak |
DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA |
DES in CBC mode |
SHA-1 |
Vulnerable |
DHE_DSS_EXPORT1024_WITH_RC4_56_SHA |
RC4 |
SHA-1 |
Vulnerable |
DHE_DSS_WITH_RC4_128_SHA |
RC4 |
SHA-1 |
Vulnerable |
DH_anon_WITH_AES_256_CBC_SHA256 |
no certificate |
Diffie-Hellman |
AES in CBC mode |
SHA-256 |
Anonymous |
DH_anon_WITH_AES_128_CBC_SHA256 |
AES in CBC mode |
SHA-256 |
Anonymous |
DH_anon_WITH_AES_256_CBC_SHA |
AES in CBC mode |
SHA-1 |
Anonymous |
DH_anon_WITH_AES_128_CBC_SHA |
AES in CBC mode |
SHA-1 |
Anonymous |
DH_anon_WITH_RC4_128_MD5 |
RC4 |
MD5 |
Anonymous |
DH_anon_WITH_3DES_EDE_CBC_SHA |
TripleDES in CBC mode |
SHA-1 |
Anonymous |
DH_anon_WITH_DES_CBC_SHA |
DES in CBC mode |
SHA-1 |
Anonymous |
DH_anon_EXPORT_WITH_RC4_40_MD5 |
RC4 |
MD5 |
Anonymous |
DH_anon_EXPORT_WITH_DES40_CBC_SHA |
DES in CBC mode |
SHA-1 |
Anonymous |
Note: Vulnerable cipher suites are switched off by default. To enable them, set Settings.SslAllowVulnerableSuites
to true
.
However, this is strongly discouraged.
* These curves require a plugin on non-Windows and legacy Windows platforms.
** These curves require a plugin on non-Windows platforms and on Windows earlier than Windows 10 / Windows Server 2016.
*** These curves require a plugin.