You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/ssl/edge-certificates/additional-options/cipher-suites/customize-cipher-suites/dashboard.mdx
+19-4Lines changed: 19 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,17 +6,32 @@ sidebar:
6
6
label: Use the dashboard
7
7
---
8
8
9
-
import { Render } from"~/components";
9
+
import { Render, Details } from"~/components";
10
10
11
11
:::note
12
12
<Renderfile="cipher-suites-saas-linkout" />
13
13
:::
14
14
15
-
## Before you begin
15
+
When configuring cipher suites via dashboard, you can use three different selection modes:
16
16
17
-
Note that:
17
+
-**By security level**: allows you to select between the predefined [Cloudflare recommendations](/ssl/edge-certificates/additional-options/cipher-suites/recommendations/) (Modern, Compatible, or Legacy).
18
+
-**By compliance standard**: allows you to select cipher suites grouped according to [industry standards](/ssl/edge-certificates/additional-options/cipher-suites/compliance-status/) (PCI DSS or FIPS-140-2).
19
+
-**Custom**: allows you to individually select the cipher suites you would like to support.
18
20
21
+
For any of the modes, you should keep in mind the following configuration conditions. If choosing by security level or compliance standard, some actions may be blocked and explained referencing these conditions.
22
+
23
+
<Detailsheader="Configuration conditions">
19
24
* Cipher suites are used in combination with other [SSL/TLS settings](/ssl/edge-certificates/additional-options/cipher-suites/#related-ssltls-settings).
20
25
* You cannot set specific TLS 1.3 ciphers. Instead, you can [enable TLS 1.3](/ssl/edge-certificates/additional-options/tls-13/#enable-tls-13) for your entire zone and Cloudflare will use all applicable [TLS 1.3 cipher suites](/ssl/edge-certificates/additional-options/cipher-suites/supported-cipher-suites/).
21
26
* Each cipher suite also supports a specific algorithm (RSA or ECDSA) so you should consider the algorithms in use by your edge certificates when making your ciphers selection. You can find this information under each certificate listed in [**SSL/TLS** > **Edge Certificates**](https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls/edge-certificates).
22
-
* It is not possible to configure minimum TLS version nor cipher suites for [Cloudflare Pages](/pages/) hostnames.
27
+
* It is not possible to configure minimum TLS version nor cipher suites for [Cloudflare Pages](/pages/) hostnames.
28
+
</ Details>
29
+
30
+
## Steps
31
+
32
+
1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login) and select your account and domain.
33
+
2. Go to **SSL/TLS** > **Edge Certificates**.
34
+
3. For the **Cipher suites** setting select **Configure**.
35
+
4. Choose a mode to select your cipher suites and select **Next**.
36
+
5. Select a predefined set of cipher suites or, if you opted for **Custom**, specify which cipher suites you want to allow. Make sure you are aware of how your selection will interact with Minimum TLS version, TLS 1.3, and the certificate types (ECDSA or RSA).
0 commit comments