Skip to main content
Skip table of contents

Minimum cipher suites

Cipher suite compliance

After 3:00 p.m. UK time on Friday 10 December 2021, ONLY the following cipher suites will be accepted over TLS 1.2 or 1.3 from local user directory connections:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256


I’m not sure how our local user directory is connected to OpenAthens

Log into the OpenAthens administration dashboard and go to Management > Connections. This is where the link from your organisation’s user directory to the OpenAthens service is managed. The team which manages the user directory listed there needs to review this advisory.


Further reading

Microsoft: Managing SSL/TLS Protocols and Cipher Suites for AD FS

Changing PingFederate Cipher Suites

Okta: LDAP interface troubleshooting

Okta: Managing SSL/TLS termination

SSLCipherSuite Directive (where your local user directory uses Apache, e.g., SirsiDynix)


     

     





JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.