SSL::cipher

Description

Returns an SSL cipher name, its version, and the number of secret bits used.

Syntax

SSL::cipher name
SSL::cipher version
SSL::cipher bits

SSL::cipher name


SSL::cipher version


SSL::cipher bits

  • Returns the number of secret bits that the current SSL cipher used, using the format of the OpenSSL ‘’’SSL_CIPHER_get_bits()* function (e.g. 256, 128 or 40).

Examples

when HTTP_REQUEST {

  # Check encryption strength
  if { [SSL::cipher bits] >= 128 } {

     pool web_servers

  } else {

     # Client is using a weak cipher
     # Use one of the destination commands

     # Either specify a pool
     pool sorry_servers

     # or to a specific node
     node 10.10.10.10

     # or send a 302 response to redirect to a specific URL
     # Set cache control headers to prevent proxies from caching the response.
     HTTP::respond 302 Location "http://some_address/sorry.html" Cache-Control No-Cache Pragma No-Cache
  }
}