You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/ssl/edge-certificates/additional-options/cipher-suites/customize-cipher-suites.mdx
+9-9Lines changed: 9 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,11 +18,7 @@ You may want to do this to follow specific [recommendations](/ssl/edge-certifica
18
18
Customizing cipher suites will not lead to any downtime in your SSL/TLS protection.
19
19
20
20
:::note
21
-
22
-
23
-
Note that this process only refers to connections [between clients and the Cloudflare network](/ssl/concepts/#edge-certificate). For connections between Cloudflare and your origin server, refer to [Origin server > Cipher suites](/ssl/origin-configuration/cipher-suites/).
24
-
25
-
21
+
This documentation only refers to connections [between clients and the Cloudflare network](/ssl/concepts/#edge-certificate). For connections between Cloudflare and your origin server, refer to [Origin server > Cipher suites](/ssl/origin-configuration/cipher-suites/).
26
22
:::
27
23
28
24
## How it works
@@ -49,6 +45,11 @@ ECDSA cipher suites are prioritized over RSA, and Cloudflare preserves the speci
49
45
50
46
## Set up
51
47
48
+
49
+
:::note
50
+
For guidance around custom hostnames, refer to [TLS settings - Cloudflare for SaaS](/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/enforce-mtls/#cipher-suites).
51
+
:::
52
+
52
53
### Before you begin
53
54
54
55
Note that:
@@ -70,9 +71,8 @@ Note that:
70
71
71
72
4. Make an API call to either the [Edit zone setting](/api/resources/zones/subresources/settings/methods/edit/) endpoint or the [Edit TLS setting for hostname](/api/resources/hostnames/subresources/settings/subresources/tls/methods/update/) endpoint, specifying `ciphers` in the URL. List your array of chosen cipher suites in the `value` field.
72
73
73
-
:::caution
74
-
75
-
For guidance around custom hostnames, refer to [TLS settings - Cloudflare for SaaS](/cloudflare-for-platforms/cloudflare-for-saas/security/certificate-management/enforce-mtls/#cipher-suites).
74
+
:::note
75
+
Updating the cipher suites will result in certificates being redeployed.
76
76
:::
77
77
78
78
<Tabs> <TabItemlabel="modern">
@@ -128,7 +128,7 @@ curl --request PATCH \
128
128
129
129
:::caution
130
130
131
-
For compliance with PCI DSS, also [enable TLS 1.3](/ssl/edge-certificates/additional-options/tls-13/#enable-tls-13) on your zone and make sure to up your [Minimum TLS version](/ssl/edge-certificates/additional-options/minimum-tls/) to `1.2`.
131
+
For compliance with PCI DSS, also [enable TLS 1.3](/ssl/edge-certificates/additional-options/tls-13/#enable-tls-13) on your zone and make sure to up your [Minimum TLS version](/ssl/edge-certificates/additional-options/minimum-tls/) to `1.2`.
0 commit comments