7

I am working on configuring a Java client which its job is to make TLS connections to servers. I want to configure my client with these 3 ciphers:

TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5

In Java supported cipher suites, I found the same ciphers but with SSL at the beginning NOT TLS. The question, if I configured my client with:

SSL_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_RC4_128_MD5

Are the two lists exactly the same and will be interpreted by the server same? I am worried if I configured the client with SSL_* ciphers this mean something different than TLS_* and may be some servers do not support SSL_*. How can I be sure?

user2192774
  • 3,807
  • 17
  • 47
  • 62
  • Please don't do this unless you know exactly what you are doing and are committed to keeping your software up to date. If you go down this path it's all too easy for your software to end up with a hardcoded list of supported ciphersuites none of which are recommended anymore. – plugwash Jun 01 '16 at 00:27

1 Answers1

13

Yes, they are the same. See Java Cryptography Architecture Standard Algorithm Name Documentation:

Some JSSE cipher suite names were defined before TLSv1.0 was finalized, and were therefore given the SSL_ prefix. The names mentioned in the TLS RFCs prefixed with TLS_ are functionally equivalent to the JSSE cipher suites prefixed with SSL_.

Bruno
  • 119,590
  • 31
  • 270
  • 376