CipherSuites

Parameters

Parameter	Attribute	DataType	Description	Allowed Values
IsSingleInstance	Key	String	Required parameter to enforce the resource is only added once	`Yes`
CipherSuitesOrder	Write	StringArray[]	Specifies which Cipher Suites should be configured on the server
Ensure	Write	String	Specifies if the specified Cipher Suites should be present or not	`Present`, `Absent`
RebootWhenRequired	Write	Boolean	Specifies if a reboot will be performed when required (Default: False)

Description

This resource is responsible for enabling or disabling cipher suites.

Examples

Example 1

This example shows how to configure a secure Windows Server 2016 cipher suites order.

Configuration Example
{
    param ()

    Import-DscResource -ModuleName SChannelDsc

    node localhost
    {
        CipherSuites ConfigureCipherSuites
        {
            IsSingleInstance  = 'Yes'
            CipherSuitesOrder = @(
                'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384',
                'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
                'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
                'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256',
                'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384',
                'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256',
                'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384',
                'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256',
                'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384',
                'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256',
                'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA',
                'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA',
                'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA',
                'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA',
                'TLS_DHE_RSA_WITH_AES_256_CBC_SHA',
                'TLS_DHE_RSA_WITH_AES_128_CBC_SHA',
                'TLS_RSA_WITH_AES_256_GCM_SHA384',
                'TLS_RSA_WITH_AES_128_GCM_SHA256',
                'TLS_RSA_WITH_AES_256_CBC_SHA256',
                'TLS_RSA_WITH_AES_128_CBC_SHA256',
                'TLS_RSA_WITH_AES_256_CBC_SHA',
                'TLS_RSA_WITH_AES_128_CBC_SHA',
                'TLS_RSA_WITH_3DES_EDE_CBC_SHA',
                'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256',
                'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256',
                'TLS_DHE_DSS_WITH_AES_256_CBC_SHA',
                'TLS_DHE_DSS_WITH_AES_128_CBC_SHA',
                'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA',
                'TLS_PSK_WITH_AES_256_GCM_SHA384',
                'TLS_PSK_WITH_AES_128_GCM_SHA256',
                'TLS_PSK_WITH_AES_256_CBC_SHA384',
                'TLS_PSK_WITH_AES_128_CBC_SHA256'
                )
            Ensure            = 'Present'
        }
    }
}

Home

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CipherSuites

Parameters

Description

Examples

Example 1

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Commands

Resources

Clone this wiki locally