Forums, Documentation & Knowledge Base - ComponentSpace

Avoid the use of unsupported ciphers


https://componentspace.com/forums/Topic11683.aspx

By jmoring - 7/27/2021

We have a client using PingFederated. They have been notified regarding the sunsetting of the following ciphers: 

 • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
• TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
• TLS_DHE_RSA_WITH_AES_256_CBC_SHA
• TLS_RSA_WITH_3DES_EDE_CBC_SHA

We are trying to assess the impact this will have on our use of Saml2 For Asp.NET with this client.
Is there a specific version we need to be using to avoid issues with these obsolete ciphers?

Let us know if there is any additional info needed to make this assessment.

Thanks for your assistance,
Jim


By ComponentSpace - 7/27/2021

Hi Jim,

We recommend HTTPS for all communications but don't specify which TLS ciphers should be used. This isn't controlled or specified by our library. Instead, this is negotiated at the operating system level. As long as you're running a recent version of Windows Server there shouldn't be any issues. Please check with the Microsoft documentation for the version of Windows you're using.