Use preferable cipher suites and TLS versions in android app
Closed this issue · 1 comments
RajashekarRaju commented
Description
In our android application, due to compliance requirements for security and data protection, we are required to use different or preferred Cipher suites and TLS versions which are added below instead of latest one in use which are provided in Twilio Docs.
> This issue is very specific to in our application peer-to-peer connections in video calls.
Cipher suites we need to include:
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
Cipher suites we need to exclude:
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Is there a way we can select only the allowed version and suits for our application to satisfy our requirements?
afalls-twilio commented
@RajashekarRaju There is currently no way to select the desired ciphers available.. more information can be provided going via our paid support channels.