Edit

Get-Tls Cipher Suite

  • Reference
Module:
TLS

Gets the TLS cipher suites for a computer.

Syntax 

Get-TlsCipherSuite
   [[-Name] <String>]
   [<CommonParameters>]

Description

The Get-TlsCipherSuite cmdlet gets an ordered collection of cipher suites for a computer that Transport Layer Security (TLS) can use.

For more information about the TLS cipher suites, see the documentation for the Enable-TlsCipherSuite cmdlet or type Get-Help Enable-TlsCipherSuite .

For more information about protocol versions , see BCRYPT_KDF_TLS_PRF (L"TLS_PRF") .

Examples

Example 1: Get all cipher suites 

PS C:\>Get-TlsCipherSuite
KeyType               : 0
Certificate           : RSA
MaximumExchangeLength : 65536
MinimumExchangeLength : 0
Exchange              : ECDH
HashLength            : 0
Hash                  : 
CipherBlockLength     : 16
CipherLength          : 256
BaseCipherSuite       : 49200
CipherSuite           : 49200
Cipher                : AES
Name                  : TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Protocols             : {771}


KeyType               : 0
Certificate           : RSA
MaximumExchangeLength : 65536
MinimumExchangeLength : 0
Exchange              : ECDH
HashLength            : 0
Hash                  : 
CipherBlockLength     : 16
CipherLength          : 128
BaseCipherSuite       : 49199
CipherSuite           : 49199
Cipher                : AES
Name                  : TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Protocols             : {771}

This command gets all TLS cipher suites for the computer.

Example 2: Get the cipher suites that match a string 

PS C:\>Get-TlsCipherSuite -Name "AES"
KeyType               : 0
Certificate           : ECDSA
MaximumExchangeLength : 65536
MinimumExchangeLength : 0
Exchange              : ECDH
HashLength            : 0
Hash                  :
CipherBlockLength     : 16
CipherLength          : 256
BaseCipherSuite       : 49196
CipherSuite           : 49196
Cipher                : AES
Name                  : TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Protocols             : {771, 65277}

KeyType               : 0
Certificate           : ECDSA
MaximumExchangeLength : 65536
MinimumExchangeLength : 0
Exchange              : ECDH
HashLength            : 0
Hash                  :
CipherBlockLength     : 16
CipherLength          : 128
BaseCipherSuite       : 49195
CipherSuite           : 49195
Cipher                : AES
Name                  : TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Protocols             : {771, 65277}

This command gets all the cipher suites that have names that contain the string AES . Note that the name match is case sensitive and this command returns no output for the name aes . The output includes a field for the TLS/SSL protocols supported by the cipher. See Cipher Suites in TLS/SSL (Schannel SSP) for more information.

Parameters

-Name

Specifies the name of the TLS cipher suite to get. The cmdlet gets cipher suites that match the string that this cmdlet specifies, so you can specify a partial name. The name match is case sensitive.

Type: String
Position: 1
Default value: None
Accept pipeline input: True
Accept wildcard characters: False