XSC proper cipher suite (Schannel) requirement settings
Based on the XHE settings for HE SSL Client , you can sort the ciphers needed on your PC.
For example XHE configuration has the below settings and you can find the right algorithm from the below table:
Example: How to configure XHE Client for SSL encryption
SSL CLIENT 53,47,10,9,7,5,4,0
| RSA | DSS | Diffie-Hellman |
| CIPHERSUITE | Algorithm | CIPHERSUITE | Algorithm | CIPHERSUITE | Algorithm |
| 4 | rsa_rc4_128_md5 | 19 | dh_dss_3des_sha | 24 | dh_rc4_128_md5 |
| 5 | rsa_rc4_128_sha | | | 26 | dh_des_sha |
| 7 | rsa_idea_sha | | | 27 | dh_3des_sha |
| 9 | rsa_des_sha | | | | |
| 10 | rsa_3des_sha | | | | |
| 47 | rsa_aes_128_sha | | | | |
| 53 | rsa_aes_256_sha | | | | |
| 0 | NONE,NONE i.e., UNENCRYPTED | | | | |
To enforce the new cipher suite you need to follow the below steps:
1. At a command prompt, type gpedit.msc, and then click OK. This starts the Local Group Policy Editor.
2. Expand Computer Configuration, expand Administrative Templates, expand Network, and then click SSL Configuration Settings.
3. In the Setting pane, right-click SSL Cipher Suite Order, and then click Edit.
4. In the Help pane, scroll to the bottom of the pane to locate the "How to modify this setting" instructions. To add the missing cipher suites, follow these instructions.
5. At a command prompt, type gpupdate and click OK. This command will refresh the local Group Policy with the new settings.