As per the TLS (SSL) Versions and Ciphers - TLS (SSL) Versions and Ciphers, " Auth0’s network edge has a secure set of allowed SSL/TLS version/cipher suite combinations. When connecting to Auth0 services using a reverse proxy with self-managed certificates, you must use a supported TLS version and cipher suite. During the TLS handshake, communication between the server and client specifies the TLS version and cipher suite. If you are not using a supported version, a failure could occur. "
The TLS configuration for our development environment TLS 1.2, ECDHE_RSA with P-256, and AES_128_GCM. Auth0 supported ciphers list for TLS 1.2 are:
- ECDHE-ECDSA-AES128-GCM-SHA256
- ECDHE-ECDSA-CHACHA20-POLY1305
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-RSA-CHACHA20-POLY1305
- ECDHE-ECDSA-AES128-SHA256
- ECDHE-ECDSA-AES128-SHA
- ECDHE-RSA-AES128-SHA256
- ECDHE-RSA-AES128-SHA
- AES128-GCM-SHA256 10.AES128-SHA256
- AES128-SHA
- ECDHE-ECDSA-AES256-GCM-SHA384
- ECDHE-ECDSA-AES256-SHA384
- ECDHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-AES256-SHA384
- ECDHE-RSA-AES256-SHA
- AES256-GCM-SHA384
- AES256-SHA256
- AES256-SHA
AES_128_GCM and AES128-GCM-SHA256 are the same thing but do you guys think, ECDHE_RSA with P-256 is not supported by auth0?