Loading

Salesforce Services and Marketing Cloud Supported TLS Cipher Suites

Дата публикации: Nov 8, 2024
Описание

Note: Salesforce Services and Marketing Cloud supports Transport Layer Security (TLS) 1.2 and 1.3. Salesforce no longer supports TLS 1.0 or 1.1 protocols.

TLS v1.2 Cipher Suites

TLS version 1.2 is supported with the following Cipher Suites for Marketing Cloud and Salesforce Services

PreferenceCipher SuiteOpenSSL CipherSuite Name
1TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384ECDHE-RSA-AES256-GCM-SHA384†
2TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256ECDHE-RSA-AES128-GCM-SHA256†
3TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384ECDHE-RSA-AES256-SHA384†
4TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256ECDHE-RSA-AES128-SHA256†
5TLS_RSA_WITH_AES_256_GCM_SHA384AES256-GCM-SHA384
6TLS_RSA_WITH_AES_128_GCM_SHA256AES128-GCM-SHA256
7TLS_RSA_WITH_AES_256_CBC_SHA256AES256-SHA256
8TLS_RSA_WITH_AES_128_CBC_SHA256AES128-SHA256
9TLS_RSA_WITH_AES_256_CBC_SHAAES256-SHA
10TLS_RSA_WITH_AES_128_CBC_SHAAES128-SHA

† Provides Forward Secrecy

 

TLS v1.3 Cipher Suites

TLS version 1.3 is supported with the following Cipher Suites for Salesforce Services hosted in Hyperforce:

PreferenceCipher Suite/OpenSSL CipherSuite Name
1TLS_AES_256_GCM_SHA384
2TLS_AES_128_GCM_SHA256
3TLS_AES_128_CCM_SHA256
4TLS_AES_128_CCM_8_SHA256
5TLS_CHACHA20_POLY1305_SHA256 (except GovCloud)

Salesforce provides a suite of protocols and ciphers that focus on security while allowing for a reasonable degree of compatibility. Our servers will negotiate to the most secure combination the client can support.
Based on the TLS version (1.2/1.3) clients support, it will connect with that protocol.
Ciphers are treated in the same way. The most secure cipher that can be negotiated with the client is used.

Номер статьи базы знаний

000380977

 
Загрузка
Salesforce Help | Article