Configure or remove the minimum levels of security minLos for TLS

Configures the minimum levels of security for TLS to comply with Suite B. If strict mode is configured, only TLS 1.2 connections with ciphers compatible with 128 and 192 bits are accepted. For non-strict mode (which is the default option), the TLS 1.0 and later connections are supported.

Syntax

[no] crypto SuiteB-MinLoS <128|192> tls [strict]

Definitions

no

If you specify the strict mode, the strict configuration is removed. If you do not specify the strict mode, the minLoS and the strict configuration on the TLS are removed.

SuiteB-MinLoS

Configures Suite B minimum levels of security for TLS.

128

This security level matches Elliptic Curve P-256.

192

This security level matches Elliptic Curve P-384.

tls

Configures Suite B compliant minimum levels of security for TLS.

Options

strict

Enforces the strict mode.