Supported Ciphers in SnapLogic Platform

SnapLogic provides a suite of protocols and ciphers that focus on security while allowing for reasonable compatibility. Our servers negotiate to the most secure combination the client can support. Clients that are able to support TLS v1.2 connect with the related protocol. Similarly, the most secure cipher that can be negotiated with the client is used.

The following ciphers apply only for:

  • Public API calls to the SnapLogic control plane.

  • Control plane triggered API calls.

  • Triggered/Ultra API calls against Cloudplex instances.

These ciphers are not used for Groundplex Triggered/Ultra API calls, which use ciphers configured on customer managed load balancers

TLS 1.2 Cipher Suite

OpenSSL Cipher Suite

TLS 1.2 Cipher Suite

OpenSSL Cipher Suite

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

ECDHE-ECDSA-AES128-GCM-SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

ECDHE-ECDSA-AES128-SHA

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

ECDHE-ECDSA-AES128-SHA256

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

ECDHE-ECDSA-AES256-GCM-SHA384

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

ECDHE-ECDSA-AES256-SHA

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

ECDHE-ECDSA-AES256-SHA384

TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256

ECDH-ECDSA-AES128-GCM-SHA256

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA

ECDH-ECDSA-AES128-SHA

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256

ECDH-ECDSA-AES128-SHA256

TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384

ECDH-ECDSA-AES256-GCM-SHA384

TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA

ECDH-ECDSA-AES256-SHA

TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384

ECDH-ECDSA-AES256-SHA384

TLS_DH_anon_WITH_AES_128_GCM_SHA256

ADH-AES128-GCM-SHA256

TLS_DH_anon_WITH_AES_128_CBC_SHA

ADH-AES128-SHA

TLS_DH_anon_WITH_AES_256_GCM_SHA384

ADH-AES256-GCM-SHA384

TLS_DH_anon_WITH_AES_256_CBC_SHA

ADH-AES256-SHA

TLS_DH_anon_WITH_DES_CBC_SHA

ADH-DES-CBC-SHA

As we continue enhancing our security protocols, starting from August 14, 2021, we will cease support for the following ciphers on the SnapLogic Platform. Hence, we recommend you to remove these ciphers from your clients. Else, API calls to the control plane and your Cloudplex instances will likely fail.

TLS 1.2 Cipher Suite

OpenSSL Cipher Suite

TLS 1.2 Cipher Suite

OpenSSL Cipher Suite

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDHE-RSA-AES128-SHA256

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDHE-RSA-AES256-GCM-SHA384

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ECDHE-RSA-AES256-SHA384

TTLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDHE-RSA-AES256-CBC-SHA

If your SnapLogic Platform displays SSL/TLS related error messages after August 14, then you might want to confirm if any of your clients are using the above unsupported ciphers.