An external penetration test vendor flagged our Auth0 domain URL as having potential security vulnerabilities because it doesn’t have TLS 1.0 disabled, and because of use of what is considered to be a weak SSL cipher (TLS_RSA_WITH_3DES_EDE_CBC_SHA) with key length of less than 128 bits. Is there an…

Hey there Folks! Little update from here. Now you can do that yourself! Here’s how to achieve that: [image] How can I disable TLS 1.0, TLS 1.1 and weak ciphers with custom domains? FAQs Question: How can I disable TLS 1.0, TLS 1.1 and weak ciphers with custom domains? A…

How to disable use of TLS 1.0 and weak ciphers?

Help

konrad.sopala June 22, 2020, 2:57pm 8

Hey there Folks!

Little update from here. Now you can do that yourself!

Here’s how to achieve that:

Topic		Replies	Views
How can I disable TLS 1.0, TLS 1.1 and weak ciphers with custom domains? Knowledge Articles auth0 , tls , faq , cipher	1	4969	June 22, 2020
Why are 'weak' ciphers used on our login page? Knowledge Articles custom-domain , ciphers	1	1335	July 21, 2023
TLS 1.0 still enabled after setting tls_policy to recommended Help security , tls	11	4981	May 18, 2021
How to Require TLS 1.3 and Not Allow 1.2 Knowledge Articles	1	178	May 13, 2024
Action Required: Upgrade to TLS 1.2 or later Help tls	35	8842	March 31, 2021

How to disable use of TLS 1.0 and weak ciphers?

Related topics