Le traduzioni sono generate tramite traduzione automatica. In caso di conflitto tra il contenuto di una traduzione e la versione originale in Inglese, quest'ultima prevarrà.
# Policy di sicurezza SSL predefinite per Classic Load Balancer
Puoi scegliere una delle policy di sicurezza predefinite per i listener HTTPS/SSL. Puoi usare una delle policy `ELBSecurityPolicy-TLS` per soddisfare gli standard di conformità e sicurezza che richiedono la disabilitazione di alcune versioni del protocollo TLS. In alternativa, puoi creare una policy di sicurezza personalizzata. Per ulteriori informazioni, consulta [Aggiornamento della configurazione di negoziazione SSL](ssl-config-update.md).
Le crittografie basate su RSA e DSA sono specifiche dell'algoritmo di firma utilizzato per creare il certificato SSL. Assicurati di creare un certificato SSL utilizzando l'algoritmo di firma che si basa sulle crittografie abilitate per la policy di sicurezza.
Se selezioni una policy abilitata per Preferenza ordine server, il load balancer utilizza le crittografie nell'ordine in cui sono specificate qui per negoziare le connessioni tra il client e il load balancer. In caso contrario, il load balancer usa le crittografie nell'ordine in cui sono presentate dal client.
Le sezioni seguenti descrivono le politiche di sicurezza predefinite più recenti per Classic Load Balancer, inclusi i protocolli SSL e i codici SSL abilitati. È inoltre possibile descrivere le politiche predefinite utilizzando il comando. [describe-load-balancer-policies](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancer-policies.html)
**Suggerimento**
Queste informazioni si applicano solo ai Classic Load Balancer. Per informazioni relative ad altri sistemi di bilanciamento del carico, consulta [Policy di sicurezza per l'Application Load](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/describe-ssl-policies.html) Balancer [e Policy di sicurezza per il Network Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/describe-ssl-policies.html).
**Topics**
+ [Protocolli per policy](#tls-protocols)
+ [Cifre per politica](#tls-policy-ciphers)
+ [Politiche per cifra](#tls-cipher-policies)
## Protocolli per policy
La tabella seguente descrive i protocolli TLS supportati da ciascuna politica di sicurezza.
| Policy di sicurezza | TLS 1.2 | TLS 1.1 | TLS 1.0 |
| --- | --- | --- | --- |
| ELBSecurityPolicy-TLS-1-2-2017-01 | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/negative_icon.svg) No | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/negative_icon.svg) No |
| ELBSecurityPolitica-TLS-1-1-2017-01 | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/negative_icon.svg) No |
| ELBSecurityPolitica - 2016-08 | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì |
| ELBSecurityPolitica - 2015-05 | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì |
| ELBSecurityPolitica - 2015-03 | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì |
| ELBSecurityPolitica-2015-02 | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì | ![\[alt text not found\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/images/success_icon.svg) Sì |
## Cifre per politica
La tabella seguente descrive i codici supportati da ciascuna politica di sicurezza.
| Policy di sicurezza | Crittografie |
| --- | --- |
| ELBSecurityPolicy-TLS-1-2-2017-01 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) |
| ELBSecurityPolitica-TLS-1-1-2017-01 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) |
| ELBSecurityPolitica - 2016-08 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) |
| ELBSecurityPolitica - 2015-05 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) |
| ELBSecurityPolitica - 2015-03 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) |
| ELBSecurityPolitica - 2015-02 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) |
## Politiche per cifra
La tabella seguente descrive le politiche di sicurezza che supportano ogni cifrario.
| Nome del cifrario | Policy di sicurezza | Suite di cifratura |
| --- | --- | --- |
| ** ECDHE-ECDSA-AESOpenSSL** — 128-GCM- SHA256 IANA — **TLS\$1ECDHE\$1ECDSA\$1WITH\$1AES\$1128\$1GCM\$1** SHA256 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c02b |
| ** ECDHE-RSA-AESOpenSSL** — 128-GCM- SHA256 IANA — **TLS\$1ECDHE\$1RSA\$1WITH\$1AES\$1128\$1GCM\$1** SHA256 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c02f |
| ** ECDHE-ECDSA-AESOpenSSL** — 128- SHA256 **IANA** — TLS\$1ECDHE\$1ECDSA\$1WITH\$1AES\$1128\$1CBC\$1 SHA256 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c023 |
| ** ECDHE-RSA-AESOpenSSL** — 128- SHA256 **IANA** — TLS\$1ECDHE\$1RSA\$1WITH\$1AES\$1128\$1CBC\$1 SHA256 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c-027 |
| **OpenSSL** — ECDHE-ECDSA-AES 128-SHA **IANA — TLS\$1ECDHE\$1ECDSA\$1WITH\$1AES\$1128\$1CBC\$1SHA** | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c009 |
| **OpenSSL** — ECDHE-RSA-AES 128-SHA **IANA — TLS\$1ECDHE\$1RSA\$1WITH\$1AES\$1128\$1CBC\$1SHA** | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c-013 |
| ** ECDHE-ECDSA-AESOpenSSL** — 256-GCM- SHA384 IANA — **TLS\$1ECDHE\$1ECDSA\$1WITH\$1AES\$1256\$1GCM\$1** SHA384 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c02c |
| ** ECDHE-RSA-AESOpenSSL** — 256-GCM- SHA384 IANA — **TLS\$1ECDHE\$1RSA\$1WITH\$1AES\$1256\$1GCM\$1** SHA384 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c030 |
| ** ECDHE-ECDSA-AESOpenSSL** — 256- SHA384 **IANA** — TLS\$1ECDHE\$1ECDSA\$1WITH\$1AES\$1256\$1CBC\$1 SHA384 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c-024 |
| ** ECDHE-RSA-AESOpenSSL** — 256- SHA384 **IANA** — TLS\$1ECDHE\$1RSA\$1WITH\$1AES\$1256\$1CBC\$1 SHA384 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c-028 |
| **OpenSSL** — ECDHE-ECDSA-AES 256-SHA **IANA — TLS\$1ECDHE\$1RSA\$1WITH\$1AES\$1256\$1CBC\$1SHA** | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c014 |
| **OpenSSL** — ECDHE-RSA-AES 256-SHA **IANA — TLS\$1ECDHE\$1ECDSA\$1WITH\$1AES\$1256\$1CBC\$1SHA** | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | c00a |
| ** AES128OpenSSL** — -GCM- SHA256 **IANA — TLS\$1RSA\$1CON\$1AES\$1128\$1GCM\$1** SHA256 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | 9c |
| ** AES128OpenSSL** — - SHA256 **IANA** — TLS\$1RSA\$1CON\$1AES\$1128\$1CBC\$1 SHA256 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | 3c |
| ** AES128OpenSSL** — -SHA IANA — **TLS\$1RSA\$1WITH\$1AES\$1128\$1CBC\$1SHA** | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | 2f |
| ** AES256OpenSSL** — -GCM- SHA384 **IANA — TLS\$1RSA\$1CON\$1AES\$1256\$1GCM\$1** SHA384 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | 9d |
| ** AES256OpenSSL** — - SHA256 **IANA** — TLS\$1RSA\$1WITH\$1AES\$1256\$1CBC\$1 SHA256 | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | 3d |
| ** AES256OpenSSL** — -SHA IANA — **TLS\$1RSA\$1WITH\$1AES\$1256\$1CBC\$1SHA** | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | 35 |
| **OpenSSL** — DHE-RSA-AES 128-SHA **IANA — TLS\$1DHE\$1RSA\$1WITH\$1AES\$1128\$1CBC\$1SHA** | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | 33 |
| **OpenSSL** — DHE-DSS-AES 128-SHA **IANA — TLS\$1DHE\$1DSS\$1WITH\$1AES\$1128\$1CBC\$1SHA** | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | 32 |
| **OpenSSL** — DES- -SHA CBC3 **IANA — TLS\$1RSA\$1WITH\$13DES\$1EDE\$1CBC\$1SHA** | [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/it_it/elasticloadbalancing/latest/classic/elb-security-policy-table.html) | 0a |