Specifying a Server Protocol and Cipher Suite Preference

During the initial connection handshaking process clients send an ordered cipher suite list to use for the duration of the connection. The server selects a cipher suite from the client's preferred order list of supported cipher suites.

By default, the TLS honor server cipher list option is checked in SSL Options or MF Directory Server tab, the conversation will use the server's preferred protocol and cipher suites list. If you have not specified a value for the TLS protocols or Cipher suites fields, then the default is used. The TLS protocols field now supports TLS1.3. See Configuring a TLS Protocols List and Configuring a Cipher Suites List for more information. You can use the TLS honor server cipher list to force the use of a strong, ordered list of protocols and cipher suites. This controls the strength of cryptography used between server and client.

Note: A server using the SSL protocol is subject to a number of well documented security vulnerabilities. This is why the SSL2 protocol is no longer supported by Micro Focus products. Micro Focus recommends using the TLS1.1 and TLS1.2 protocols.