Configuring TLS Cipher Suites
Go Up to Working with ERStudio Repository
Beginning with version 21.0, ER/Studio Data Architect and Repository use TLS 1.3 as the default protocol for all secure communications. This support includes the following cipher suites:
- TLS_AES_128_GCM_SHA256 Enabled by default.
- TLS_AES_256_GCM_SHA384 Enabled by default.
- TLS_CHACHA20_POLY1305_SHA256 Enabled by default.
- TLS_AES_128_CCM_SHA256
You can control which TLS cipher suite is used by configuring the TLS Ciphers registry setting.
Registries are located at:
- ER/Studio Data Architect Client
- HKEY_CURRENT_USER\Software\Idera\ER/Studio Data Architect 21.0\Repository
- Repository Server
- HKEY_LOCAL_MACHINE\SOFTWARE\Idera\Repository\Database
Note:
- To configure one of the default supported cipher suites, you must set the cipher in the client-side registry.
- To use TLS_AES_128_CCM_SHA256, the cipher must be explicitly configured in both the client-side and server-side registries.