Specify a custom level of Cipher Suite security for Cisco UCS Manager

This post is to provide an example about how to specify a custom level of Cipher Suite security for the Cisco UCS Manager.  Cisco have provided a customer Cipher Suite Mode, which allows you to specify a user-defined Cipher Suite specification string.


Navigate to Communication Management > Communication Services, in the HTTPS area, choose “customer” and then the Cipher Suite field can be edited. Based on the Cisco document:

cipher-suite-spec-string can contain up to 256 characters and must conform to the OpenSSL Cipher Suite specifications. You cannot use any spaces or special characters except ! (exclamation point), + (plus sign), – (hyphen), and : (colon). “

In this example, we will try to remove a weak cipher 3DES (Triple-DES encoding) from the Cipher Suite.


  • Step 1, select the “High Strength” cipher suite and copy cipher suite string out, which looks like below:




  • Step 3, add “:!3DES” at the end of the string generated from step 1 as below and copy to the “cipher suite” field.



Apply the change and the new cipher suite will take place.

Cipher Suite

For the details, reference below Cisco document link:


Leave a Reply