The new NetScaler 11.1 Release (starting with Build 47.14) brings Support for ECC/ECDSA Ciphers, unfortunately only on MPX Appliances with a N3 SSL Accelerator Chip for now.
Next on my Wish List would be ECC/ECDSA Support on VPX/CPX, OCSP Stapling and ChaCha20-Poly1305 Support.
The new updated Cipher Lists are grouped into a Modern and a Intermediate Cipher List Group based on the Recommendations from the Mozilla Wiki. If you want to use the Intermediate Cipher List don't forget to create a 2048bit DH Parameter and bind it to your vServer (or your SSL Profile).
TLS Versions: TLS1.2 only
TLS Versions: TLS1.0, TLS1.1 TLS1.2
After the Break are the Cipher Lists from my older Blogposts for Reference if you are running an older Version:
Cipher List for MPX/SDX and VPX (starting with Build 11.0-65.31) Appliances:
Legacy Cipher List for MPX/SDX and VPX (starting with Build 11.0-65.31) Appliances:
Cipher List for VPX starting from Build 10.5-57.7 up to 11.0-64.34:
Legacy Cipher List for VPX Builds starting from Build 10.5-57.7 up to 11.0-64.34:
Next on my Wish List would be ECC/ECDSA Support on VPX/CPX, OCSP Stapling and ChaCha20-Poly1305 Support.
The new updated Cipher Lists are grouped into a Modern and a Intermediate Cipher List Group based on the Recommendations from the Mozilla Wiki. If you want to use the Intermediate Cipher List don't forget to create a 2048bit DH Parameter and bind it to your vServer (or your SSL Profile).
- Mozilla Modern:
TLS Versions: TLS1.2 only
- Mozilla Intermediate:
TLS Versions: TLS1.0, TLS1.1 TLS1.2
After the Break are the Cipher Lists from my older Blogposts for Reference if you are running an older Version:
Cipher List for MPX/SDX and VPX (starting with Build 11.0-65.31) Appliances:
Legacy Cipher List for MPX/SDX and VPX (starting with Build 11.0-65.31) Appliances:
Cipher List for VPX starting from Build 10.5-57.7 up to 11.0-64.34:
Legacy Cipher List for VPX Builds starting from Build 10.5-57.7 up to 11.0-64.34: