Securing Your JFrog Cloud Instances: Up-to-Date Supported Ciphers List

Ariel Raps
2021-07-18 12:06

By the end of the 3rd quarter of 2021, JFrog will be updating the list of supported ciphers for SSL and network security. This is a planned change to further fortify your JFrog Platform infrastructure.

 

To prepare for this change, validate that all the tools connecting to your JFrog Cloud instances, including developer clients, automation tools and browsers, are utilizing one or more of the following supported TLS ciphers: 

  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_128_GCM_SHA256

 

Following this period, JFrog will no longer support these non-recommended ciphers

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_128_CBC_SHA

  

Warning

Once these changes come into effect, you need to have at least one of the supported ciphers when initiating an SSL connection, otherwise, the JFrog Cloud platform will reject the request, and you will receive an error message.