SSL cipher suites that are supported/accepted for communications
search cancel

SSL cipher suites that are supported/accepted for communications

book

Article ID: 285065

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Which SSL cipher suites are accepted or supported for Sensor to Cloud communications?

Environment

  • Carbon Black Cloud Console: All Versions
  • Carbon Black Cloud Sensor: All Versions
  • Apple macOS: All Supported Versions
  • Linux: All Supported Versions
  • Microsoft Windows: All Supported Versions

Resolution

Please refer to the User Guide for specific list of ciphers along with there Strength level and TLS version.

Additional Information

  • As of 26-Sep-2022, our signature update servers will no longer accept TLS v1.0 or v1.1 for secure connections
  • As of February of 2024 TLS 1.3 will be Implemented on the Environmental specific URLs. 
  • NOTE: This means some older operating systems, like Windows 2012 and earlier, may need to be updated to get this capability, even after updating specified ciphers which include ECDHE may not work unless they have the full ECCCurve included like "<CIPHER>_P512" in the supported ciphers list
  • Prior to Windows 10, cipher suite strings were appended with the elliptic curve to determine the curve priority. Windows 10 supports an elliptic curve priority order setting so the elliptic curve suffix is not required and is overridden by the new elliptic curve priority order, when provided, to allow organizations to use group policy to configure different versions of Windows with the same cipher suites.