If you want to use a key and certificate that you generate yourself, generate the key and certificate before performing the procedure below. Generating the Key and Certificate for Network Communication If you want to use a key and certificate that you acquire from a certification authority (CA), register the key and certificate before performing the procedure below. Registering a Key and Certificate If you set <Format Encryption Method to FIPS 140-2> to <On>,you can make the TLS communication encryption method comply with the United States government-approved FIPS (Federal Information Processing Standards) 140-2. <Format Encryption Method to FIPS 140-2> If <Format Encryption Method to FIPS 140-2> is set to <On>, an error will occur when you try to specify a certificate for TLS that uses an algorithm not recognized by FIPS (lower than RSA2048bit). A communication error will occur if you set <Format Encryption Method to FIPS 140-2> to <On>, and send to a remote party that does not support FIPS-recognized encryption algorithms. If <Format Encryption Method to FIPS 140-2> is set to <On>, <CHACHA20 POLY1305> and <X25519> switch to <Off>. If <CHACHA20 POLY1305> or <X25519> is set to <On>, <Format Encryption Method to FIPS 140-2> switches to <Off>. |
Algorithm | TLS Version | |||
<TLS 1.3> | <TLS 1.2> | <TLS 1.1> | <TLS 1.0> | |
<Encryption Algo Settings> | ||||
<AES-CBC (256-bit)> | - | |||
<AES-GCM (256-bit)> | - | - | ||
<3DES-CBC> | - | |||
<AES-CBC (128-bit)> | - | |||
<AES-GCM (128-bit)> | - | - | ||
<CHACHA20 POLY1305> | - | - | - | |
<Key Exchange Algo Settings> | ||||
<RSA> | - | |||
<ECDHE> | ||||
<X25519> | - | - | - | |
<Signature Algo Settings> | ||||
<RSA> | ||||
<ECDSA> | ||||
<HMAC Algo Settings> | ||||
<SHA1> | - | |||
<SHA256> | - | - | ||
<SHA384> | - | - |