topic Discrepancy between sandbox CIPHER list and production cipher list in Integration and Testing https://community.developer.cybersource.com/t5/Integration-and-Testing/Discrepancy-between-sandbox-CIPHER-list-and-production-cipher/m-p/61640#M36058 <P>During the recent February 8th TLS test, we noticed a significant difference between the list of accepted ciphers on the production nodes (the ones in test, with only TLS1.2 enabled) and that of sandbox.&nbsp; (NOTE this may have happened during the first TLS production test, but we didn't get a chance to notice it)</P><P>&nbsp;</P><P>On sandbox, SSL labs shows the following ciphers available&nbsp;</P><P><A title="Screenshot of sandbox SSL Labs report" href="https://prnt.sc/ic2o9b" target="_blank">Screenshot of sandbox ciphers from SSL Labs</A></P><P>notice that 11 ciphers are listed</P><P>&nbsp;</P><P>During the production test, we saw the following list of ciphers on&nbsp;<SPAN>secure.authorize.net</SPAN></P><P><A title="Screenshot of production ciphers from SSL Labs" href="https://prnt.sc/ic2o09" target="_blank">Screenshot of production ciphers from SSL Labs</A></P><P><SPAN>notice that only 8 ciphers are listed</SPAN></P><P>&nbsp;</P><P>This means 3 ciphers were dropped compared to the sandbox.&nbsp;&nbsp;</P><P>&nbsp;</P><P>How are we supposed to prepare for the end of February if there is inconsistencies like this between SANDBOX (which has been TLS 1.2 only for a long time) and what seems to be the future for production?</P><P>&nbsp;</P><P>Our system actually ran into issues because of this difference and no amount of preparation on our side would have prepared us for this type of issue.</P><P>&nbsp;</P><P>Can you please clarify which ciphers will be supported when the final cutover happens on<SPAN>&nbsp;<SPAN class="aBn"><SPAN class="aQJ">Feb 28th?&nbsp; And can you make sure that sandbox is configured to match the eventual production setup?</SPAN></SPAN></SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Mon, 12 Feb 2018 21:27:04 GMT Arvoreen 2018-02-12T21:27:04Z Discrepancy between sandbox CIPHER list and production cipher list https://community.developer.cybersource.com/t5/Integration-and-Testing/Discrepancy-between-sandbox-CIPHER-list-and-production-cipher/m-p/61640#M36058 <P>During the recent February 8th TLS test, we noticed a significant difference between the list of accepted ciphers on the production nodes (the ones in test, with only TLS1.2 enabled) and that of sandbox.&nbsp; (NOTE this may have happened during the first TLS production test, but we didn't get a chance to notice it)</P><P>&nbsp;</P><P>On sandbox, SSL labs shows the following ciphers available&nbsp;</P><P><A title="Screenshot of sandbox SSL Labs report" href="https://prnt.sc/ic2o9b" target="_blank">Screenshot of sandbox ciphers from SSL Labs</A></P><P>notice that 11 ciphers are listed</P><P>&nbsp;</P><P>During the production test, we saw the following list of ciphers on&nbsp;<SPAN>secure.authorize.net</SPAN></P><P><A title="Screenshot of production ciphers from SSL Labs" href="https://prnt.sc/ic2o09" target="_blank">Screenshot of production ciphers from SSL Labs</A></P><P><SPAN>notice that only 8 ciphers are listed</SPAN></P><P>&nbsp;</P><P>This means 3 ciphers were dropped compared to the sandbox.&nbsp;&nbsp;</P><P>&nbsp;</P><P>How are we supposed to prepare for the end of February if there is inconsistencies like this between SANDBOX (which has been TLS 1.2 only for a long time) and what seems to be the future for production?</P><P>&nbsp;</P><P>Our system actually ran into issues because of this difference and no amount of preparation on our side would have prepared us for this type of issue.</P><P>&nbsp;</P><P>Can you please clarify which ciphers will be supported when the final cutover happens on<SPAN>&nbsp;<SPAN class="aBn"><SPAN class="aQJ">Feb 28th?&nbsp; And can you make sure that sandbox is configured to match the eventual production setup?</SPAN></SPAN></SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Mon, 12 Feb 2018 21:27:04 GMT https://community.developer.cybersource.com/t5/Integration-and-Testing/Discrepancy-between-sandbox-CIPHER-list-and-production-cipher/m-p/61640#M36058 Arvoreen 2018-02-12T21:27:04Z Re: Discrepancy between sandbox CIPHER list and production cipher list https://community.developer.cybersource.com/t5/Integration-and-Testing/Discrepancy-between-sandbox-CIPHER-list-and-production-cipher/m-p/61753#M36160 <P>We ran into the exact same issue.</P><P>&nbsp;</P><P>At first we were worried that we had done something wrong.&nbsp; So we tried the sandbox again and everything worked perfecly.&nbsp; There's not a whole lot of trust in the sandbox, heading into the Feb. 28th disablement right now.&nbsp; Haven't received anything help from live chat, phone calls, or our open ticket.&nbsp;</P><P>&nbsp;</P><P>Information would be much appreciated.</P> Fri, 16 Feb 2018 16:47:49 GMT https://community.developer.cybersource.com/t5/Integration-and-Testing/Discrepancy-between-sandbox-CIPHER-list-and-production-cipher/m-p/61753#M36160 weyco44 2018-02-16T16:47:49Z