Reply
Moderator
Posts: 30
Registered: ‎09-25-2017

SHA-1 CIpher Removed For Akamai Endpoints

[ Edited ]

Update completed for Production. If you are experiencing issues connecting to the production since 01/15/2019 ~9:30pm Pacific, please check the ciphers you are attempting to used.  

 

-------

 

Update complete for Sandbox.  If you are experiencing issues connecting to the sandbox since 11/06/2018 ~8:20am Pacific, please check the ciphers you are attempting to used.  

 

-------

 

Authorize.Net will be removing support for SHA-1 ciphers on our Akamai endpoints. The below ciphers will be first disabled in Sandbox and then later in Production. ECDHE and AESGCM are preferred ciphers to be used.

 

API users may need to update their clients/solutions to support newer ciphers. Portal users will need to make sure to use updated/modern web browsers.

 

 

Ciphers being removed:

 

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = ECDHE-RSA-AES256-SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = ECDHE-RSA-AES128-SHA
  • TLS_RSA_WITH_AES_128_CBC_SHA = AES128-SHA

 

Change Dates:

  • 11/06/2018 – Sandbox will be updated to remove/disable support for these ciphers.
    • Endpoints Impacted: All
  • 01/15/2019 – Production will be updated to remove/disable support for these ciphers.
    • Endpoints/Urls Impacted:
      • api2.authorize.net - API
      • secure2.authorize.net - API
      • account.authorize.net - Portal
      • login.authorize.net - Portal
      • partner.authorize.net - Portal

 

Please refer to our TLS/Cipher FAQ for additional information.

https://support.authorize.net/s/article/Authorize-Net-Support-for-SSL-TLS-FAQ