MPO Sandbox - Disabling of weak TLS cipher suites
Scheduled Maintenance Report for Mambu
Completed
The scheduled maintenance has been completed.
Posted Jun 05, 2023 - 15:00 UTC
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Jun 05, 2023 - 14:00 UTC
Scheduled
Dear customer,

In order to provide a secure communication channel with MPO services, and support high security standards, we are announcing the intention to make scheduled updates of our infrastructure to enable forward secrecy Transport Layer Security (TLS) cipher suites, and disable less secure TLS cipher suites.

Please ensure that the browser clients and applications communicating with MPO services support at least one of the below TLS ciphers to ensure that the TLS handshake is successful. Main browsers on recent versions support below cipher suites. Applications that integrate with a MPO service via APIs will need to be checked by you separately, for example by validating the configuration in a client application.

Currently supported TLS 1.2 ciphers:
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA384
AES128-GCM-SHA256
AES128-SHA256
AES256-GCM-SHA384
AES256-SHA256

Future supported TLS 1.2 ciphers:
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-GCM-SHA384

Disabled TLS 1.2 ciphers:
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA384
AES128-GCM-SHA256
AES128-SHA256
AES256-GCM-SHA384
AES256-SHA256

The change will come into effect on the 5th of June 2023.

We are not expecting any downtime for this change.

Please reach out if you have any questions or concerns.

Best regards,
Mambu.
Posted May 25, 2023 - 10:08 UTC
This scheduled maintenance affected: MPO (MPO Sandbox 2 (Dublin, Ireland), MPO Sandbox 2 (N. Virginia, USA)).