SSL cipher suites that are supported/accepted for communications
book
Article ID: 285065
calendar_today
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Issue/Introduction
Which SSL cipher suites are accepted or supported for Sensor to Cloud communications?
Environment
Carbon Black Cloud Console: All Versions
Carbon Black Cloud Sensor: All Versions
Apple macOS: All Supported Versions
Linux: All Supported Versions
Microsoft Windows: All Supported Versions
Resolution
Please refer to the User Guide for specific list of ciphers along with there Strength level and TLS version.
Additional Information
As of 26-Sep-2022, our signature update servers will no longer accept TLS v1.0 or v1.1 for secure connections
As of February of 2024 TLS 1.3 will be Implemented on the Environmental specific URLs.
NOTE: This means some older operating systems, like Windows 2012 and earlier, may need to be updated to get this capability, even after updating specified ciphers which include ECDHE may not work unless they have the full ECCCurve included like "<CIPHER>_P512" in the supported ciphers list.
Prior to Windows 10, cipher suite strings were appended with the elliptic curve to determine the curve priority. Windows 10 supports an elliptic curve priority order setting so the elliptic curve suffix is not required and is overridden by the new elliptic curve priority order, when provided, to allow organizations to use group policy to configure different versions of Windows with the same cipher suites.