Supported Ciphers in SnapLogic Platform
- Ankur Parekh
SnapLogic provides a suite of protocols and ciphers that focus on security while allowing for reasonable compatibility. Our servers negotiate to the most secure combination the client can support. Clients that are able to support TLS v1.2 connect with the related protocol. Similarly, the most secure cipher that can be negotiated with the client is used.
The following ciphers apply only for:
Public API calls to the SnapLogic control plane.
Control plane triggered API calls.
Triggered/Ultra API calls against Cloudplex instances.
These ciphers are not used for Groundplex Triggered/Ultra API calls, which use ciphers configured on customer managed load balancers
TLS 1.2 Cipher Suite | OpenSSL Cipher Suite |
|---|---|
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | ECDHE-ECDSA-AES128-GCM-SHA256 |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA | ECDHE-ECDSA-AES128-SHA |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | ECDHE-ECDSA-AES128-SHA256 |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | ECDHE-ECDSA-AES256-GCM-SHA384 |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | ECDHE-ECDSA-AES256-SHA |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | ECDHE-ECDSA-AES256-SHA384 |
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 | ECDH-ECDSA-AES128-GCM-SHA256 |
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA | ECDH-ECDSA-AES128-SHA |
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 | ECDH-ECDSA-AES128-SHA256 |
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 | ECDH-ECDSA-AES256-GCM-SHA384 |
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA | ECDH-ECDSA-AES256-SHA |
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 | ECDH-ECDSA-AES256-SHA384 |
TLS_DH_anon_WITH_AES_128_GCM_SHA256 | ADH-AES128-GCM-SHA256 |
TLS_DH_anon_WITH_AES_128_CBC_SHA | ADH-AES128-SHA |
TLS_DH_anon_WITH_AES_256_GCM_SHA384 | ADH-AES256-GCM-SHA384 |
TLS_DH_anon_WITH_AES_256_CBC_SHA | ADH-AES256-SHA |
TLS_DH_anon_WITH_DES_CBC_SHA | ADH-DES-CBC-SHA |
As we continue enhancing our security protocols, starting from August 14, 2021, we will cease support for the following ciphers on the SnapLogic Platform. Hence, we recommend you to remove these ciphers from your clients. Else, API calls to the control plane and your Cloudplex instances will likely fail.
TLS 1.2 Cipher Suite | OpenSSL Cipher Suite |
|---|---|
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | ECDHE-RSA-AES128-SHA256 |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | ECDHE-RSA-AES256-GCM-SHA384 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | ECDHE-RSA-AES256-SHA384 |
TTLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | ECDHE-RSA-AES256-CBC-SHA |
If your SnapLogic Platform displays SSL/TLS related error messages after August 14, then you might want to confirm if any of your clients are using the above unsupported ciphers.
Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2024 SnapLogic, Inc.