Cipher-Suites

A cipher suite refers to a group of cryptographic algorithms used to secure network connections established through the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocol.

It consists of key exchange, encryption, and message authentication algorithms that work together to ensure the confidentiality, integrity, and authenticity of data transmitted over the network.

Know more about the allowed cipher-suites for webMethods.io Integration.

Supported Ciphers

When you create a TLS context, you can specify the list of cipher suites that should be used. If you do not specify any cipher suites, the default cipher suites for the selected TLS version will be used.

Important: Software AG recommends using only strong ciphers for business communications. Further, some TLS cipher suites are not listed in the table for backward compatibility reasons. Support for these ciphers may be removed at any time.

The following table displays the cipher suites supported by webMethods.io Integration for inbound traffic for both TLS 1.3 and TLS 1.2. However, as the outbound ciphers depend on third-party systems, they are not listed here.

Supported Cipers for TLS 1.3
Cipher Suite Name (OpenSSL) Recommended (Y/N) Reference (IANA/RFC)
TLS_AES_128_GCM_SHA256 Y [RFC8446]
TLS_AES_256_GCM_SHA384 Y [RFC8446]
TLS_CHACHA20_POLY1305_SHA256 Y [RFC8446]
TLS_AES_128_CCM_SHA256 Y [RFC8446]
TLS_AES_128_CCM_8_SHA256 Y [RFC8446]
Supported Cipers for TLS 1.2
Cipher Suite Name (OpenSSL) Recommended (Y/N) Reference (IANA/RFC)
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 Y [RFC5289]
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 Y [RFC5289]
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Y [RFC5289]
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Y [RFC5289]
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 Y [RFC7905]
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 Y [RFC7905]
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 Y [RFC7905]
TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 Y [RFC8442]
TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 Y [RFC8442]
TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 Y [RFC8442]