Supported hashing and encryption algorithms for TLS libraries

Client applications use the HTTPS protocol to communicate with the StorageGRID Webscale system over a network connection that uses Transport Layer Security (TLS). The StorageGRID Webscale system supports a limited set of hashing and encryption algorithms from the TLS libraries that client applications can use when establishing a TLS session. When you are setting up the communication processes, it is important for you to know which security algorithms the system uses.

The StorageGRID Webscale system supports the following cipher suite security algorithms:

TLS version Cipher suite Benefit
Note: TLS v1.1 is deprecated in StorageGRID Webscale 11.1. Support for TLS v1.1 will be removed in a future StorageGRID Webscale release.
v1.2 TLS_RSA_WITH_AES_128_CBC_SHA Provide secure encryption and efficient processing of objects.
TLS_RSA_WITH_AES_128_GCM_SHA256 Provide secure encryption and more efficient processing of large objects.
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 Support perfect forward secrecy.

The TLS session negotiates the connection, using either AES128 or AES256 based on the client application requirements, and the need to balance performance with encryption security.

Attention: SSLv3 is no longer supported for connections to the Storage Node or API Gateway Node.