24-Aug-2022 13:43
A server team provided the following ciphers used, but for some reason, I am unable to either create a rule or group for them. Any help would be appreciated
TLS-CHACHA20-POLY1305-SHA256
TLS-AES-256-GCM-SHA384
TLS-AES-128-GCM-SHA256
TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
24-Aug-2022 22:16
It might be helpful to verify that the intention is to support TLS 1.2 and TLS 1.3 ciphers (or just TLS 1.3). The top three in your list are explicitly TLS 1.3. The following literal cipher string will produce exactly what's in your list:
tmm --clientciphers '!DTLSv1_2:TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256;ECDHE-ECDSA-AES256-GCM-SHA384'
SUITE PROT
TLS13-AES256-GCM-SHA384 TLS1.3
TLS13-AES128-GCM-SHA256 TLS1.3
TLS13-CHACHA20-POLY1305-SHA256 TLS1.3
ECDHE-ECDSA-CHACHA20-POLY1305-SHA256 TLS1.2
ECDHE-ECDSA-AES128-GCM-SHA256 TLS1.2
ECDHE-ECDSA-AES256-GCM-SHA384 TLS1.2
26-Aug-2022 10:27
If this answered your question @VFB, can you accept the solution so it will be more helpful to others who find this thread? Thank you!