Public key algorithm (and key length) | RSA (512 bits, 1024 bits, 2048 bits, 4096 bits) DSA (1024Bits, 2048Bits, 3072Bits) ECDSA (P256, P384, P521) |
Certificate signature algorithm | RSA: SHA-1*1, SHA-256, SHA-384*2, SHA-512*2 DSA: SHA-1*1 ECDSA: SHA-1*1, SHA-256, SHA-384, SHA-512 |
Format | Key PKCS#12*1*2 CA certificate X.509 DER format/PEM format*2 |
File extension | Key ".p12" or ".pfx" CA certificate ".cer" or ".pem" |
Public key algorithm (and key length) | RSA (512 bits, 1024 bits, 2048 bits, 4096 bits) DSA (1024 bits, 2048 bits, 3072 bits) ECDSA (P256, P384, P521) |
Certificate signature algorithm | RSA: SHA-1*3, SHA-256, SHA-384*4, SHA-512*4 DSA: SHA-1*3 ECDSA: SHA-1*3, SHA-256, SHA-384, SHA-512 |
The machine does not support use of a certificate revocation list (CRL). |
Hash | MD4, MD5, SHA-1 |
HMAC | HMAC-MD5 |
Common key encryption | RC2, RC4, DES |
Public key encryption | RSA encryption (512 bits/1024 bits) RSA signature (512 bits/1024 bits) DSA (512 bits/1024 bits) DH (512 bits/1024 bits) |
Even when [Prohibit Key/Cert. with Weak Encryption] in [Encryption Settings] is set to [On], the hash algorithm SHA-1, which is used for signing a root certificate, can be used. |
Algorithm | TLS Version | |||
TLS 1.3 | TLS 1.2 | TLS 1.1 | TLS 1.0 | |
Encryption Algorithm | ||||
AES-CBC (256bit) | ||||
AES-CBC (128bit) | ||||
AES-GCM (256bit) | ||||
AES-GCM (128bit) | ||||
3DES-CBC | ||||
CHACHA20-POLY1305 | ||||
Key Exchange Algorithm | ||||
RSA | ||||
ECDHE | ||||
X25519 | ||||
Signature Algorithm | ||||
RSA | ||||
ECDSA | ||||
HMAC Algorithm | ||||
SHA1 | ||||
SHA256 | ||||
SHA384 |