You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/ROOT/pages/security/ssl-framework.adoc
+15Lines changed: 15 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1084,6 +1084,21 @@ One can set up a Neo4j configuration by specifying the list of cipher suites tha
1084
1084
Valid values depend on the current JRE and SSL provider.
1085
1085
For Oracle JRE here is the list of supported ones - https://docs.oracle.com/en/java/javase/17/docs/specs/security/standard-names.html#jsse-cipher-suite-names.
1086
1086
1087
+
[IMPORTANT]
1088
+
====
1089
+
label:deprecated[Deprecated in 5.26]
1090
+
1091
+
CBC (cipher block chaining) ciphers, as used in TLS v1.2 network encryption, have several security vulnerabilities that make them less secure than alternative methods.
1092
+
The Internet Engineering Task Force (IETF) doesn't recommend using CBC-based ciphers (RFC 8447), and these ciphers were removed from the TLS standard with the development of TLS v1.3.
1093
+
1094
+
Note that the use of the following CBC-based ciphers has been deprecated in Neo4j 5.26:
0 commit comments