[[ciphers]] === Enabling Cipher Suites for Stronger Encryption The TLS and SSL protocols use a cipher suite that determines the strength of encryption used to protect the data. You may want to increase the strength of encryption used when using a Oracle JVM; the IcedTea OpenJDK ships without these restrictions in place. This step is not required to successfully use encrypted communication. The _Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files_ enable the use of additional cipher suites for Java in a separate JAR file that you need to add to your Java installation. You can download this JAR file from Oracle's http://www.oracle.com/technetwork/java/javase/downloads/index.html[download page]. The _JCE Unlimited Strength Jurisdiction Policy Files`_ are required for encryption with key lengths greater than 128 bits, such as 256-bit AES encryption. After installation, all cipher suites in the JCE are available for use. To enable the use of stronger cipher suites with {security}, configure the `cipher_suites` parameter. See the <> section of this document for specific parameter information. NOTE: The _JCE Unlimited Strength Jurisdiction Policy Files_ must be installed on all nodes in the cluster to establish an improved level of encryption strength.