Cipher list for Best quality ciphers
You can use the table to understand the order of supported ciphers when Best is specified.
The following table provides information about the ciphers and the order of ciphers if
Best quality is specified, where:
- Code specifies the hex code that is used to identify the cipher.
- Cipher specifies the name of the cipher in standards format.
- Level specifies the minimum TLS level at which the cipher is supported.
- KeyEx specifies the key exchange method.
- Auth specifies the authentication method. The server certificate must allow this authentication.
- Encoding specifies the cipher encoding and bit size.
- Hash specifies the MAC hash of the cipher.
- FIPS specifies whether the cipher works in FIPS mode.
| Code | Cipher | Level | KeyEx | Auth | Encoding | Hash | FIPS |
|---|---|---|---|---|---|---|---|
| C030 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | TSLV1.2 | ECDH | RSA | AESGCM(256) | AEAD |  |
| C02C | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | TSLV1.2 | ECDH | ECDSA | AESGCM(256) | AEAD | |
| 00A5 | TLS_DH_DSS_WITH_AES_256_GCM_SHA384 | TSLV1.2 | DH/DSS | DH | AESGCM(256) | AEAD | |
| 00A3 | TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 | TSLV1.2 | DH | DSS | AESGCM(256) | AEAD | |
| 00A1 | TLS_DH_RSA_WITH_AES_256_GCM_SHA384 | TSLV1.2 | DH/RSA | DH | AESGCM(256) | AEAD | |
| 009F | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | TSLV1.2 | DH | RSA | AESGCM(256) | AEAD | |
| C032 | TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 | TSLV1.2 | ECDH/RSA | ECDH | AESGCM(256) | AEAD | |
| C02E | TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 | TSLV1.2 | ECDH/ECDSA | ECDH | AESGCM(256) | AEAD | |
| 009D | TLS_RSA_WITH_AES_256_GCM_SHA384 | TSLV1.2 | RSA | RSA | AESGCM(256) | AEAD | |
| C02F | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | TSLV1.2 | ECDH | RSA | AESGCM(128) | AEAD | |
| C02B | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | TSLV1.2 | ECDH | ECDSA | AESGCM(128) | AEAD | |
| 00A4 | TLS_DH_DSS_WITH_AES_128_GCM_SHA256 | TSLV1.2 | DH/DSS | DH | AESGCM(128) | AEAD | |
| 00A2 | TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 | TSLV1.2 | DH | DSS | AESGCM(128) | AEAD | |
| 00A0 | TLS_DH_RSA_WITH_AES_128_GCM_SHA256 | TSLV1.2 | DH/RSA | DH | AESGCM(128) | AEAD | |
| 009E | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 | TSLV1.2 | DH | RSA | AESGCM(128) | AEAD | |
| C031 | TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 | TSLV1.2 | ECDH/RSA | ECDH | AESGCM(128) | AEAD | |
| C02D | TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 | TSLV1.2 | ECDH/ECDSA | ECDH | AESGCM(128) | AEAD | |
| 009C | TLS_RSA_WITH_AES_128_GCM_SHA256 | TSLV1.2 | RSA | RSA | AESGCM(128) | AEAD | |
| C028 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | TSLV1.2 | ECDH | RSA | AES(256) | SHA384 | |
| C024 | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | TSLV1.2 | ECDH | ECDSA | AES(256) | SHA384 | |
| C014 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | SSLv3 | ECDH | RSA | AES(256) | SHA1 | |
| C00A | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | SSLv3 | ECDH | ECDSA | AES(256) | SHA1 | |
| 006B | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 | TSLV1.2 | DH | RSA | AES(256) | SHA256 | |
| 006A | TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 | TSLV1.2 | DH | DSS | AES(256) | SHA256 | |
| 0069 | TLS_DH_RSA_WITH_AES_256_CBC_SHA256 | TSLV1.2 | DH/RSA | DH | AES(256) | SHA256 | |
| 0068 | TLS_DH_DSS_WITH_AES_256_CBC_SHA256 | TSLV1.2 | DH/DSS | DH | AES(256) | SHA256 | |
| 0039 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA | SSLv3 | DH | RSA | AES(256) | SHA1 | |
| 0038 | TLS_DHE_DSS_WITH_AES_256_CBC_SHA | SSLv3 | DH | DSS | AES(256) | SHA1 | |
| 0037 | TLS_DH_RSA_WITH_AES_256_CBC_SHA | SSLv3 | DH/RSA | DH | AES(256) | SHA1 | |
| 0036 | TLS_DH_DSS_WITH_AES_256_CBC_SHA | SSLv3 | DH/DSS | DH | AES(256) | SHA1 | |
| 0088 | TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA | SSLv3 | DH | RSA | Camellia(256) | SHA1 |
 |
| 0087 | TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA | SSLv3 | DH | DSS | Camellia(256) | SHA1 |
|
| 0086 | TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA | SSLv3 | DH/RSA | DH | Camellia(256) | SHA1 |
|
| 0085 | TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA | SSLv3 | DH/DSS | DH | Camellia(256) | SHA1 |
|
| C02A | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 | TSLV1.2 | ECDH/RSA | ECDH | AES(256) | SHA384 | |
| C026 | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 | TSLV1.2 | ECDH/ECDSA | ECDH | AES(256) | SHA384 | |
| C00F | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA | SSLv3 | ECDH/RSA | ECDH | AES(256) | SHA1 | |
| C005 | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA | SSLv3 | ECDH/ECDSA | ECDH | AES(256) | SHA1 | |
| 003D | TLS_RSA_WITH_AES_256_CBC_SHA256 | TSLV1.2 | RSA | RSA | AES(256) | SHA256 | |
| 0035 | TLS_RSA_WITH_AES_256_CBC_SHA | SSLv3 | RSA | RSA | AES(256) | SHA1 | |
| 0084 | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA | SSLv3 | RSA | RSA | Camellia(256) | SHA1 |
|
| 008D | TLS_PSK_WITH_AES_256_CBC_SHA | SSLv3 | PSK | PSK | AES(256) | SHA1 | |
| C027 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | TSLV1.2 | ECDH | RSA | AES(128) | SHA256 | |
| C023 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | TSLV1.2 | ECDH | ECDSA | AES(128) | SHA256 | |
| C013 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | SSLv3 | ECDH | RSA | AES(128) | SHA1 | |
| C009 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA | SSLv3 | ECDH | ECDSA | AES(128) | SHA1 | |
| 0067 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 | TSLV1.2 | DH | RSA | AES(128) | SHA256 | |
| 0040 | TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 | TSLV1.2 | DH | DSS | AES(128) | SHA256 | |
| 003F | TLS_DH_RSA_WITH_AES_128_CBC_SHA256 | TSLV1.2 | DH/RSA | DH | AES(128) | SHA256 | |
| 003E | TLS_DH_DSS_WITH_AES_128_CBC_SHA256 | TSLV1.2 | DH/DSS | DH | AES(128) | SHA256 | |
| 0033 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA | SSLv3 | DH | RSA | AES(128) | SHA1 | |
| 0032 | TLS_DHE_DSS_WITH_AES_128_CBC_SHA | SSLv3 | DH | DSS | AES(128) | SHA1 | |
| 0031 | TLS_DH_RSA_WITH_AES_128_CBC_SHA | SSLv3 | DH/RSA | DH | AES(128) | SHA1 | |
| 0030 | TLS_DH_DSS_WITH_AES_128_CBC_SHA | SSLv3 | DH/DSS | DH | AES(128) | SHA1 | |
| 0045 | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA | SSLv3 | DH | RSA | Camellia(128) | SHA1 |
|
| 0044 | TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA | SSLv3 | DH | DSS | Camellia(128) | SHA1 |
|
| 0043 | TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA | SSLv3 | DH/RSA | DH | Camellia(128) | SHA1 |
|
| 0042 | TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA | SSLv3 | DH/DSS | DH | Camellia(128) | SHA1 |
|
| C029 | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 | TSLV1.2 | ECDH/RSA | ECDH | AES(128) | SHA256 | |
| C025 | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 | TSLV1.2 | ECDH/ECDSA | ECDH | AES(128) | SHA256 | |
| C00E | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA | SSLv3 | ECDH/RSA | ECDH | AES(128) | SHA1 | |
| C004 | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA | SSLv3 | ECDH/ECDSA | ECDH | AES(128) | SHA1 | |
| 003C | TLS_RSA_WITH_AES_128_CBC_SHA256 | TSLV1.2 | RSA | RSA | AES(128) | SHA256 | |
| 002F | TLS_RSA_WITH_AES_128_CBC_SHA | SSLv3 | RSA | RSA | AES(128) | SHA1 | |
| 0041 | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA | SSLv3 | RSA | RSA | Camellia(128) | SHA1 |
|
| 008C | TLS_PSK_WITH_AES_128_CBC_SHA | SSLv3 | PSK | PSK | AES(128) | SHA1 | |
| C012 | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | SSLv3 | ECDH | RSA | 3DES(168) | SHA1 | |
| C008 | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA | SSLv3 | ECDH | ECDSA | 3DES(168) | SHA1 | |
| 0016 | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA | SSLv3 | DH | RSA | 3DES(168) | SHA1 | |
| 0013 | TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA | SSLv3 | DH | DSS | 3DES(168) | SHA1 | |
| 0010 | TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA | SSLv3 | DH/RSA | DH | 3DES(168) | SHA1 | |
| 000D | TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA | SSLv3 | DH/DSS | DH | 3DES(168) | SHA1 | |
| C00D | TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA | SSLv3 | ECDH/RSA | ECDH | 3DES(168) | SHA1 | |
| C003 | TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA | SSLv3 | ECDH/ECDSA | ECDH | 3DES(168) | SHA1 | |
| 000A | TLS_RSA_WITH_3DES_EDE_CBC_SHA | SSLv3 | RSA | RSA | 3DES(168) | SHA1 | |
| 008B | TLS_PSK_WITH_3DES_EDE_CBC_SHA | SSLv3 | PSK | PSK | 3DES(168) | SHA1 | |