How to view ciphers enabled for SSL/TLS profile ?

726

Created On 04/20/21 07:20 AM - Last Modified 10/22/25 04:30 AM

Cipher Suites

Certificate Management

PAN-OS

Objective

This article explains on how to view the ciphers enabled for an ssl/tls profile via CLI.

Environment

Palo Alto Firewall or Panorama
PAN-OS 8.1 or later

Procedure

The command " show shared ssl-tls-service-profile <Name> protocol-settings <tab>" in configuration mode displays the ciphers used in SSL TLS profile.

Example:

admin@Firewall_1> configure 
admin@Firewall_1# show  shared ssl-tls-service-profile Local_Root protocol-settings
protocol-settings {
  min-version tls1-0;
  max-version max;
  auth-algo-sha1 yes;
  auth-algo-sha256 yes;
  auth-algo-sha384 yes;
  enc-algo-3des yes;
  enc-algo-aes-128-cbc yes;
  keyxchg-algo-dhe yes;
  keyxchg-algo-ecdhe yes;
  keyxchg-algo-rsa yes;
}
[edit]
admin@Firewall_1# exit

How to view ciphers enabled for SSL/TLS profile ?

Objective

Environment

Procedure

Other users also viewed: