EMCC: Checking the ciphers supported

To check the cipher supported by an http server, emcc in particular, download and install nmap from https://nmap.org

The run the following scripts against the OMS with the console port.

./nmap --script +ssl-enum-ciphers -p <oms console port> <oms host>

nmap tells us that the supported cipher list is different between emcc 13.3 and emcc 13.4

TLS supported with EMCC 13.3

cipher preference: client

TLSv1.0:
TLS_RSA_WITH_AES_128_CBC_SHA (rsa 1024)
TLS_RSA_WITH_AES_256_CBC_SHA (rsa 1024)
TLSv1.1:
TLS_RSA_WITH_AES_128_CBC_SHA (rsa 1024)
TLS_RSA_WITH_AES_256_CBC_SHA (rsa 1024)
TLSv1.2:
TLS_RSA_WITH_AES_128_CBC_SHA (rsa 1024)
TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 1024)
TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 1024)
TLS_RSA_WITH_AES_256_CBC_SHA (rsa 1024)
TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 1024)
TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 1024)

TLS supported with EMCC 13.4

cipher preference: server

TLSv1.0:
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1)
TLS_RSA_WITH_AES_128_CBC_SHA (rsa 1024)
TLS_RSA_WITH_AES_256_CBC_SHA (rsa 1024)
TLSv1.1:
 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1)  
TLS_RSA_WITH_AES_128_CBC_SHA (rsa 1024)
TLS_RSA_WITH_AES_256_CBC_SHA (rsa 1024)
TLSv1.2:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1)
TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 1024)
TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 1024)
TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 1024)
TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 1024)
TLS_RSA_WITH_AES_128_CBC_SHA (rsa 1024)
TLS_RSA_WITH_AES_256_CBC_SHA (rsa 1024)