How do we access new CIPHERS for TLS 1.2?

Answer

The cipher suite names provided on the Cipher-Suite Selection Panel screen are not representative of any TLS version. Any of the cipher suite names listed can be used with TLS 1.2; however not all of the suite names listed can be used with TLS 1.0 or TLS 1.1. There are 2 types of ciphers: SHA-1 and SHA-2. TLS 1.0, TLS 1.1 and SSL will only work with SHA-1 ciphers, while TLS 1.2 can use both SHA-1 and SHA-2 ciphers.

If you have  PTF UI30614 applied, the following SHA-1 ciphers should be indicated to have been deprecated when you bring up the Cipher-Suite Selection Panel screen:

      TLS_RSA_WITH_NULL_MD5
      TLS_RSA_WITH_NULL_SHA
      TLS_RSA_EXPORT_WITH_RC4_40_MD5
      TLS_RSA_WITH_RC4_128_MD5
      TLS_RSA_WITH_RC4_128_SHA
      TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5

The following are the SHA-1 ciphers that can still be specified:

     TLS_RSA_WITH_AES_128_CBC_SHA
     TLS_RSA_WITH_AES_256_CBC_SHA
     TLS_RSA_WITH_3DES_EDE_CBC_SHA
     TLS_RSA_WITH_DES_CBC_SHA

The remaining ciphers in the Cipher-Suite Selection Panel screen are SHA-2.