Whether cipher suites is related to public key certificate?

Asked Mar 01 '19 at 11:13

Active Mar 01 '19 at 13:00

Viewed 37 times

I want to use TLS version 1.2 and Authenticated Encryption with Associated Data (AEAD).

Can a public key certificate obtained from a certification authority specify which of the ciphers I can use?
Can a public key certificate obtained from a certification authority determine that I am using only specific ciphers?

Or maybe these two things are not completely related to each other.

edited Mar 01 '19 at 13:00

Steffen Ullrich

184,332
29
363
424

asked Mar 01 '19 at 11:13

LubieCiastka

2

Possible duplicate of [SSL certificates and cipher suites correspondence](https://security.stackexchange.com/questions/90422/), [Does the server certificate control the cipher suites available to secure the communications?](https://security.stackexchange.com/questions/98395/), [Can a SSL Certificate dictate protocol?](https://security.stackexchange.com/questions/129987) – Steffen Ullrich Mar 01 '19 at 12:59
No it can not, at least not with a common extension. It can influence some aspects of the key exchange mode (with key usage and key parameters). Most common is PSS usage or forbidding encryption/wrapping which would enforce ephemeral handshakes (If honored). But the hash and symmetric cipher or cipher mode are independent. – eckes Mar 02 '19 at 01:05

Whether cipher suites is related to public key certificate?

0 Answers0