Transport security

TLS 1.2 connections are used for the connection between clients and the Access Server. The following minimum cipher suites are used by the clients:

These connections can be easily verified by looking at the application logs or by using Wireshark.

Access Servers use an SSL server certificate signed using SHA-256 with RSA by a well-known certificate authority.

The End-to-end encryption securing remote access connections between Control Center and Runtime uses an AES-256 CBC with a session key securely exchanged through a separate Access Server connection during the handshake phase. Since the Relay Server never participates to this handshake and is used after the session key has been exchanged, it cannot decode the incoming traffic and the connection is truly end-to-end secure.

The underlying transport can be TCP (used for performance reasons) or TLS1.2 (as fallback for compatibility with firewalls requiring a TLS connection). Confidentiality is not guaranteed by TLS in this case, but by the upper-level AES-256 encapsulation.

For security reasons, the TCP transport can be disabled in favor of the TLS1.2 connection.

All Frontends use HTTPS for web APIs. Web servers use an SSL server certificate signed using SHA-256 with RSA by a well-known certificate authority.