Dear Bosch IoT Hub Customer,
Our goal is to provide device communication service in an up-to-date and secure manner. Bosch IoT Hub uses secure protocols for all connectivity. As a consequence of this we plan to stop support of some cipher suites, which have been considered insecure (cf. [1]).
From 01.09.2021 on, Bosch IoT Hub will no longer support the following cipher suites:
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_3DES_EDE_CBC_SHA
Consequences
If your devices only support above mentioned cipher suites, they will no longer be able to connect to Bosch IoT Hub after 01.09.2021.
As a customer having a Starter or Standard plan §15.3 Changes of the Service and the Terms and Conditions of the SaaS Terms and Conditions applies [2]: “[…] If Customer does not object within 30 days of receipt of the notification and continues to use the Service after expiry of the period for objection, then the changes shall be deemed to have been effectively agreed as from the expiry date of the time limit. In the event of an objection, the contractual relationship shall be continued subject to the conditions applying hitherto. If an objection is raised, Provider is entitled to terminate the contractual relationship subject to a one (1) month’ notice period.”
Clients communicating with the following protocol adapters are impacted by the change:
- MQTT protocol adapter
- HTTP protocol adapter
- AMQP 1.0 protocol adapter
- LoRa protocol adapter
The clients of the CoAP protocol adapter are not impacted and no changes are necessary.
Support
For a customer having a Starter or Standard plan, we can provide on request the endpoints for the testing purposes. Please contact us if you want to get endpoints for testing purposes.
If you have any further questions, do not hesitate to contact us.
Yours sincerely
Bosch IoT Hub team
[1] https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml