Please give me a confirmation on the Ciphers Suite used in the Server and Client end for encrypting the data during its transfer from Client end to the Server end?
Hi @Bulusu Venkatesh !
Assuming you are asking about api.statuspage.io here. Our developer documentation does not explicitly list the supported ciphers; however, you can use a resource like SSL Labs to create a report of the supported ciphers and TLS versions:
https://www.ssllabs.com/ssltest/analyze.html?d=api.statuspage.io
Hope this helps!
Robert
Hi Robert,
Thanks for your answer.
i would also want to know what cipher suites need to be used and what's listed/used currently?
Please Verify:-
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - not listed
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - not listed
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - listed
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - listed
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Bulusu Venkatesh
The ones not listed are not supported.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Robert,
Thanks for your answer.
I would also like to know if the client requires some Ciphers that are not listed. will you able to provide it to them?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Is your client getting an error when trying to reach the API? I would expect that list to include all the supported ciphers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Robert,
Thanks for your answer.
Can you please confirm the cipher suites that are not listed, can they be also supported if a client requires it?
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - not listed
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - not listed
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Robert,
can you please confirm me that the cipher suite provided below is weak, if required statuspage.io can remove it for me from their support?
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH secp256r1 (eq. 3072 bits RSA) FS WEAK
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Bulusu Venkatesh !
That cipher is likely included so Statuspages still render on some older devices/browsers. However, it won't be used as long as the client supports any of the others listed (it's last on the server-preferred order).
While a cipher may be labeled as weak in that test, that does not necessarily mean it's insecure.
Unfortunately, at this time, we do not have a method to selectively disable or enable specific ciphers for a page. However, our team is always reviewing these connection requirements to ensure they align with current best practices and industry standards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.