function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Support 3625Support 3625 

What SSL cipher suites does Salesforce support for webcallouts?

Hello,

I recently wrote a webcallout to do some integration between Salesforce and our website. On testing my callout in production, I began recieving the following exception: "java.lang.RuntimeException: Could not generate DH keypair". I googled this and found several references to various java versions and the SSL handshakes they support:

http://stackoverflow.com/questions/6851461/java-why-does-ssl-handshake-give-could-not-generate-dh-keypair-exception
http://stackoverflow.com/questions/14253039/is-there-a-workaround-for-java-lang-runtimeexception-could-not-generate-dh-key
http://stackoverflow.com/questions/26769498/java-lang-runtimeexception-could-not-generate-dh-keypair-when-trying-to-make-ca

My question is, based upon these links, what are the supported SSL configurations for remote web callout endpoints?

Thanks,
-Nick
ShashankShashank (Salesforce Developers) 
Salesforce only supports TLS 1.0 or higher only: https://help.salesforce.com/apex/HTViewSolution?urlname=Salesforce-disabling-SSL-3-0-encryption
篤 武藤篤 武藤
On December 29 last year, I confirmed supported SSL cipher suites for web callout.

TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
SSL_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_RC4_128_MD5