This offer is only addressed to commercial customers including freelancers and entrepreneurs. All prices are exclusive of value added tax (VAT).
Bosch IoT Suite
  • Share via email
  • Subscribe to blog alert

Bosch IoT Rollouts: TLS configuration update – disabling of weak cipher suites

Jun 24, 2021

In a previous blog post, we already informed you about upcoming changes of our TLS configuration [1]. With this service update, we will no longer support TLS 1.0 and TLS 1.1. We want to use this update to adjust the list of supported ciphers as well. This means that Bosch IoT Rollouts will only support the ciphers listed below as of 09/01/2021.

Test endpoints with the new ciphers policy applied as described in [1] are already in place. Note that a test endpoint for artifact download via our CDN does not exist. However, you can use the available endpoints to test the connectivity of your devices with the new TLS policy. These endpoints are for testing purposes only and are subject to change without prior notice. In addition, we do not guarantee any SLA for these endpoints.

Supported ciphers for DDI-interface
EU1: https://device.eu1.bosch-iot-rollouts.com & https://device-cert.eu1.bosch-iot-rollouts.com
US1: https://device.us1.bosch-iot-rollouts.com & https://device-cert.us1.bosch-iot-rollouts.com

  • TLS_AES_128_GCM_SHA256
  • TLS_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

Supported ciphers for Management UI & Management API
EU1: https://console.eu1.bosch-iot-rollouts.com & https://console.eu1.bosch-iot-rollouts.com
US1: https://console.us1.bosch-iot-rollouts.com & https://console.us1.bosch-iot-rollouts.com

  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Supported ciphers for artifact download via CDN
EU1: https://cdn.eu1.bosch-iot-rollouts.com
US1: https://cdn.us1.bosch-iot-rollouts.com

  • TLS_AES_128_GCM_SHA256
  • TLS_AES_256_GCM_SHA384
  • TLS_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

If you have any further questions, do not hesitate to contact us.

[1] https://bosch-iot-suite.com/news/bosch-iot-rollouts-updates-tls-configuration