This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Product Advisories

Read and subscribe to the latest announcements and advisories relating to the SecurID product.

Security-Level Update for IDR Cipher ECDHE-RSA-AES256-SHA384

Summary

The security level of the IDR cipher ECDHE-RSA-AES256-SHA384 will be changed from HIGH to MEDIUM in INCOMING and OUTGOING connection encryption settings. This is planned for October 2023 release.

Details

INCOMING Connection

If you are using HIGH encryption settings for INCOMING connections and if the end user/API client machines do not have any other common cipher than ECDHE-RSA-AES256-SHA384, upgrade the machines to include ciphers from the following list.

  • ECDHE-RSA-AES256-GCM-SHA384
  • ECDHE-RSA-AES128-GCM-SHA256
  • DHE-RSA-AES256-GCM-SHA384
  • DHE-RSA-AES128-GCM-SHA256

OUTGOING Connection

If you are using HIGH encryption settings for OUTGING connections and if any of the configured proxy backend applications (HTTP Federation Proxy/Trusted Header) do not have any other common cipher than ECDHE-RSA-AES256-SHA384, upgrade the backend applications to include the ciphers from the following list.

  • ECDHE-RSA-AES256-GCM-SHA384
  • ECDHE-RSA-AES128-GCM-SHA256
  • ECDHE-ECDSA-AES128-GCM-SHA256
  • DHE-RSA-AES256-GCM-SHA384
  • DHE-RSA-AES128-GCM-SHA256

If you are unable to upgrade the cipher ECDHE-RSA-AES256-SHA384 settings at client, configure the MEDIUM level and publish.

Labels (2)
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎2023-08-07 12:01 AM
Updated by:
New Contributor New Contributor
Contributors

Related Content

Article Dashboard
© 2023 RSA Security LLC or its affiliates. All rights reserved.