Sets the Secure Socket Layer protocol version and the ciphers used when Silk Performer establishes a secure connection to the server.
WebAPI.bdh
SslSetEncryption( in nVersion : number, in sCiphers : string optional ): boolean;
true if successful
false otherwise
Parameter | Description |
---|---|
nVersion | Specifies the Secure Socket Layer protocol version used when
Silk Performer establishes a secure connection to the server. Valid options are:
|
sCiphers |
Optional: Specifies the ciphers used when
Silk Performer establishes a secure connection to the server. Valid options are:
You can also specify any cipher as described on OpenSSL ciphers. If this parameter is omitted, Silk Performer uses its default ciphers. The sCiphers parameter can also be a string value with one or more cipher names, separated with a colon (:), or a combination of sets ("SSLv3", "MEDIUM" or "HIGH") and cipher names, or even with logical operators, for example "EXP:RC4-SHA:!HIGH". You can also mix TLSv1.3 ciphers with non-TLSv1.3 ciphers. Invalid cipher strings are ignored. |
For a list of available cipher names, visit OpenSSL ciphers.
dcltrans transaction TSecureHTTP begin SslSetEncryption(SSL_VERSION_SSL3, SSL_CIPHERS_SSLv3); WebUrl("https://www.company.com"); end TSecureHTTP; transaction TSecureHTTP1 begin SslSetEncryption(SSL_VERSION_SSL3, "EXP-RC4-MD5:EXP-DES-CBC-SHA"); WebUrl("https://www.company.com"); end TSecureHTTP1; // no cipher specified, request vs. TLSv1.3 server, expected ciphersuite: TLS_AES_256_GCM_SHA384 SslSetEncryption(SSL_VERSION_TLS13); // ciphers set in specified order, request vs. TLSv1.3 server, expected ciphersuite is: TLS_AES_128_GCM_SHA256 SslSetEncryption(SSL_VERSION_AUTO, "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384"); // set TLSv1.2 and TLSv1.3 ciphers, requests to TLSv1.2 and TLSv1.3 server SslSetEncryption(SSL_VERSION_AUTO, "ECDHE-RSA-AES128-GCM-SHA256:TLS_CHACHA20_POLY1305_SHA256"); // same as above, but added some non-existing ciphers SslSetEncryption(SSL_VERSION_AUTO, "thisisnotacipher:ECDHE-RSA-AES128-GCM-SHA256:thisisnotaciphertoo:TLS_CHACHA20_POLY1305_SHA256:thisisalsonotacipher");
WebSecure01.bdf, WebSecure02.bdf