Do TLS/SSL connections have a set encryption algorithm that they use?
Is it set automatically? Or do you choose the level of encryption (i.e. SHA-1)?
Asked
Active
Viewed 83 times
2
-
SHA-1 is hashing algorithm, not encryption – Lie Ryan Nov 22 '16 at 01:41
2 Answers
1
The TLS client and server negotiate which ciphers to use. During the ClientHello, the client sends a list of supported algorithms to the server. The server then picks a cipher which is supported by both and continues the negotiation to use this cipher.
David
- 15,939
- 3
- 50
- 73
0
It's usually what they support. Check out the offering by various providers, some dropped sha1 entirely and have process in place to help users migrate to sha2. You can limit the cipher used in your server settings.
Lester T.
- 1,273
- 1
- 10
- 22