Notes.ini Entry


Name:
    SSL_Use_Client_Cipher_Order

Syntax
    SSL_Use_Client_Cipher_Order=0 / 1

Applies to:
    Servers

Add-on:

    First Release:
      9.0.1 FP3 IF2

    Obsolete since:

      Category:
        Encryption, Security, SSL

      Default:
        None

      UI equivalent:
        None

      Description:

      Starting with 9.0.1 FP3 IF2, Domino will select the mutually supported cipher that it prefers most instead of the cipher preferred by the client. Administrators can revert to the old behavior by setting SSL_USE_CLIENT_CIPHER_ORDER=1 in the server's notes.ini file.
      Starting in 9.0.1 FP4, RC4-SHA is only enabled by default if TLS 1.2 support has been disabled by the administrator, and since this is the last cipher on the ordered list, it will be used only if the alternative is sending the data in the clear.


      https://www-10.lotus.com/ldd/dominowiki.nsf/dx/TLS_Cipher_Configuration