TLS termination specifications and limitations
This page contains the specifications and limitations of the Anjuna Runtime support for automatic TLS termination.
Specifications and limitations
The following information shows the specifications and limitations:
-
Maximum PEM-encoded certificate size (including terminating character) = 4096 bytes
-
Maximum number of TLS configuration entries in manifest = 64
-
Number of ports (or ranges) per each TLS encrypted port config in manifest = 64
-
Maximum size of the file containing the TLS private key = 4096 bytes
-
TLS Versions supported = Only TLS 1.2
Supported Cipher Suite algorithms
The following list contains the Cipher Suite algorithms that Anjuna supports.
Cipher Suite is a combination of Key Exchange Protocols, Signature Algorithms, and Encryption methods.
TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA TLS-DHE-RSA-WITH-AES-256-CBC-SHA TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA TLS-DHE-RSA-WITH-AES-128-CBC-SHA TLS-RSA-WITH-AES-256-GCM-SHA384 TLS-RSA-WITH-AES-256-CBC-SHA256 TLS-RSA-WITH-AES-256-CBC-SHA TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384 TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384 TLS-ECDH-RSA-WITH-AES-256-CBC-SHA TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA TLS-RSA-WITH-AES-128-GCM-SHA256 TLS-RSA-WITH-AES-128-CBC-SHA256 TLS-RSA-WITH-AES-128-CBC-SHA TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256 TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256 TLS-ECDH-RSA-WITH-AES-128-CBC-SHA TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA