[Progress Communities] [Progress OpenEdge ABL] Forum Post: Progress Client calling SSL API endpoint

Status
Not open for further replies.
S

Shao Chan

Guest
Hi, I have looked at the supported cipher list here: https://docs.progress.com/bundle/se...or-Progress-OpenEdge-clients-and-servers.html Is it fair to say that an endpoint with the following results from an SSL Lab is not supported: Certificate #1: RSA 2048 bits (SHA256withRSA) Key RSA 2048 bits (e 65537) Signature algorithm SHA256withRSA Protocols TLS 1.3 No TLS 1.2 Yes TLS 1.1 Yes TLS 1.0 Yes SSL 3 No SSL 2 No For TLS 1.3 tests, we only support RFC 8446. Cipher Suites # TLS 1.2 (suites in server-preferred order) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq. 3072 bits RSA) FS 128 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp256r1 (eq. 3072 bits RSA) FS 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp256r1 (eq. 3072 bits RSA) FS WEAK 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp256r1 (eq. 3072 bits RSA) FS WEAK 256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH secp256r1 (eq. 3072 bits RSA) FS WEAK 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp256r1 (eq. 3072 bits RSA) FS WEAK 128 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK 256 TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK 128 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK 112 I've seen this link but as far as I can tell, whilst the question is answered, it does not provide a solution and the links to the knowledgebase don't result in a solution either. community.progress.com/.../57841 From what I can tell, there are standard ciphers supported and then you can change them to any other value in the supported list, but all the above are not supported. I have exported the cert into the DLC certs directory using the tools. I get Error 9318 or if I add the non-suppported ciphers the Progress client crashes and disappears with no error. Is someone able to verify whether it should work in the first place, the best workaround approaches and the direction of support going forwards. Thanks

Continue reading...
 
Status
Not open for further replies.
Top