OS and Browser Minimum Requirements
- rossc
- Dennis Navarro
For security purposes we have shut down various TLS protocols and ciphers.
These are our minimum requirements to run background applications such as Auto Print or Message Transformer.
TLS Requirements
All web endpoints for oneflo and its integrations are accessed over HTTPS. We currently support TLS protocol version TLSv1.2 and up. We currently support the following ciphers:
Cipher | TLS version | Strength |
|---|---|---|
TLS_AES_128_GCM_SHA256 | TLSv1.3 | strong |
TLS_AES_256_GCM_SHA384 | TLSv1.3 | strong |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | TLSv1.2 | strong |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | TLSv1.2 | strong |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | TLS 1.2 | strong |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | TLS 1.2 | strong |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | TLS 1.2 | strong |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | TLS 1.2 | strong |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | TLS 1.2 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | TLS 1.2 |
At the time of writing the above protocols and cipher suite are a reasonable compromise of popularity and strength.
Web browsers and integrations MUST support one or more of the protocols or ciphers above. If your organisation decrypts / re-encrypts TLS traffic at the perimiter for inspection, the appliance MUST re-encrypt using one or more of the protocols or ciphers above. A failure to negotiate a TLS handshake will produce errors such as:
“Could not create SSL/TLS secure tunnel”
“TLS protocol or certificate type is not supported.”
“TLS protocol violation.”
“ERR_SSL_PROTOCOL_ERROR”
“ERR_SSL_VERSION_OR_CIPHER_MISMATCH“
Operating systems and libraries that are compatible with our TLS requirements are:
Windows
Windows Server 2016 and Windows 10, version 1607 - TLSv1.2 only
Windows Server 2022 and Windows 11 - TLSv1.2 and TLSv1.3
Mac OS
Mac OS X 10.9 Mavericks - TLSv1.2 only
Mac OS X 10.14 Mojave - TLSv1.2 and TLSv1.3
Linux
OpenSSL 1.0.1 - TLSv1.2 only
OpenSSL 1.1.1 - TLSv1.2 and TLSv1.3
If you experience TLS issues when accessing our APIs or installing our software, please contact your IT department or vendor.