TLS

The Ravelin API only accepts requests over HTTPS using TLS version 1.2 or higher. One of the following cipher suites must be used:

  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

The above requirements are under frequent review and may change as TLS best practices evolve. Clients will be alerted in advance of any changes.

All other cipher suites are restricted.

Feedback