The following ciphers are supported for internet-based connections via applications that use:
FTPS (No longer supported for new setups)
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_128_CCM (support beginning Q2 2023)
- TLS_DHE_RSA_WITH_AES_256_CCM (support beginning Q2 2023)
- TLS_DHE_RSA_WITH_AES_128_CCM_8 (support beginning Q2 2023)
- TLS_DHE_RSA_WITH_AES_256_CCM_8 (support beginning Q2 2023)
- TLS_RSA_WITH_AES_256_CBC_SHA256 (support ending Q2 2023)
- TLS_RSA_WITH_AES_128_CBC_SHA256 (support ending Q2 2023)
- TLS_RSA_WITH_AES_256_GCM_SHA384 (support ending Q2 2023)
- TLS_RSA_WITH_AES_128_GCM_SHA256 (support ending Q2 2023)
AS2 and HTTPS
- TLS_RSA_WITH_AES_128_CBC_SHA256 (support ending Q2 2023)
- TLS_RSA_WITH_AES_256_CBC_SHA256 (support ending Q2 2023)
- TLS_RSA_WITH_AES_256_GCM_SHA384 (support ending Q2 2023)
- TLS_RSA_WITH_AES_128_GCM_SHA256 (support ending Q2 2023)
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (support ending Q2 2023)
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (support ending Q2 2023)
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (support ending Q2 2023)
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (support ending Q2 2023)
- TLS_DHE_RSA_WITH_AES_128_CCM (support ending Q2 2023)
- TLS_DHE_RSA_WITH_AES_256_CCM (support ending Q2 2023)
- TLS_DHE_RSA_WITH_AES_128_CCM_8 (support ending Q2 2023)
- TLS_DHE_RSA_WITH_AES_256_CCM_8 (support ending Q2 2023)
If your application does not support the available ciphers, or otherwise does not have the required encryption capabilities, then it may be necessary to change its configuration, upgrade it to current version, replace it or switch to another protocol.