最近更新时间:2023-12-05 10:51:51
TLS安全策略包含HTTPS可选的TLS协议版本和配套的加密算法套件。TLS协议版本越高,HTTPS通信的安全性越高,但是相较于低版本TLS协议,高版本TLS协议对浏览器的兼容性较差。
安全策略 | 支持的TLS版本 | 支持的加密算法套件 |
TlsCipherPolicy1.0 | TLSv1.0、TLSv1.1、TLSv1.2 |
TLSv1.0和v1.1支持: - ECDHE-RSA-AES128-CBC-SHA - ECDHE-RSA-AES256-CBC-SHA - RSA-AES128-CBC-SHA - RSA-AES256-CBC-SHA - RSA-3DES-EDE-CBC-SHA - ECDHE-ECDSA-AES256-SHA - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-ECDSA-AES128-SHA - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2支持: - ECDHE-RSA--AES128-CBC-SHA - ECDHE-RSA-AES256-CBC-SHA - RSA-AES128-CBC-SHA - RSA-AES256-CBC-SHA - RSA-3DES-EDE-CBC-SHA - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE RSA-AES128-CBC-SHA256 - ECDHE-RSA-AES-256-CBC-SHA384 - RSA-AES128-GCM-SHA256 - RSA-AES256-GCM-SHA384 - RSA-AES128-CBC-SHA256 - RSA-AES256-CBC-SHA256 - ECDHE-ECDSA-AES256-SHA - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-ECDSA-AES128-SHA - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.3支持: - AES-256-GCM-SHA384 - CHACHA20-POLY1305-SHA256 - AES-128-GCM-SHA256 TLSv1.2-strict - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-RSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-ECDSA-AES128-SHA - ECDHE-ECDSA-AES128-GCM-SHA256 |
TlsCipherPolicy1.1 | TLSv1.1、TLSv1.2 | |
TlsCipherPolicy1.2 | TLSv1.2 | |
TlsCipherPolicy1.2-strict | TLSv1.2-strict | |
TlsCipherPolicy1.2-most-strict-with1.3 | TLSv1.0、TLSv1.1、TLSv1.2、TLSv1.3 |
纯净模式