Configuring the use of secure cryptographic algorithms, ciphers, and protocols

To ensure the security of network connections between the Integration Server and the virtual infrastructure, it is recommended to use the following cryptographic algorithms, cipher suites, and protocols on devices where the Integration Server and the virtual infrastructure objects to which the Integration Server connects are installed:

• Encryption algorithms: AES 256.
• Hashing algorithms:
  • SHA256.
  • SHA384.
  • SHA512.
• Key exchange algorithms:
  • Diffie-Hellman (ServerMinKeyBitLength=2048, ClientMinKeyBitLength=2048).
  • ECDH (ServerMinKeyBitLength=2048, ClientMinKeyBitLength=2048).
• Protocols:
  • TLS 1.2.
  • TLS 1.3.
• Cipher suites:
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P521.
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384.
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256.
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P521.
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384.
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256.
  • TLS_AES_128_CCM_8_SHA256.
  • TLS_AES_128_CCM_SHA256.
  • TLS_AES_128_GCM_SHA256.
  • TLS_AES_256_GCM_SHA384.
  • TLS_CHACHA20_POLY1305_SHA256.
  • TLS_DHE_DSS_WITH_AES_128_GCM_SHA256.
  • TLS_DHE_DSS_WITH_AES_256_GCM_SHA384.
  • TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256.
  • TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384.
  • TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256.
  • TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384.
  • TLS_DHE_PSK_WITH_AES_128_CCM.
  • TLS_DHE_PSK_WITH_AES_128_GCM_SHA256.
  • TLS_DHE_PSK_WITH_AES_256_CCM.
  • TLS_DHE_PSK_WITH_AES_256_GCM_SHA384.
  • TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256.
  • TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384.
  • TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256.
  • TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384.
  • TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256.
  • TLS_ECDHE_ECDSA_WITH_AES_128_CCM.
  • TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8.
  • TLS_ECDHE_ECDSA_WITH_AES_256_CCM.
  • TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8.
  • TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256.
  • TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384.
  • TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256.
  • TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384.
  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256.
  • TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256.
  • TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256.
  • TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256.
  • TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384.
  • TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256.
  • TLS_DHE_RSA_WITH_AES_128_CCM.
  • TLS_DHE_RSA_WITH_AES_128_CCM_8.
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256.
  • TLS_DHE_RSA_WITH_AES_256_CCM.
  • TLS_DHE_RSA_WITH_AES_256_CCM_8.
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384.
  • TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256.
  • TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384.
  • TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256.
  • TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384.
  • TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256.
  • TLS_ECCPWD_WITH_AES_128_CCM_SHA256.
  • TLS_ECCPWD_WITH_AES_128_GCM_SHA256.
  • TLS_ECCPWD_WITH_AES_256_CCM_SHA384.
  • TLS_ECCPWD_WITH_AES_256_GCM_SHA384.
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.
  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256.
  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384.
  • TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256.
  • TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384.
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256.

If you do not have the latest versions of operating systems and hypervisors installed, problems may occur in the Integration Server's interactions with the virtual infrastructure due to incompatible cipher suites. In this case, we recommend to contact Technical Support.