During the recent February 8th TLS test, we noticed a significant difference between the list of accepted ciphers on the production nodes (the ones in test, with only TLS1.2 enabled) and that of sandbox. (NOTE this may have happened during the first TLS production test, but we didn't get a chance to notice it)
On sandbox, SSL labs shows the following ciphers available
Screenshot of sandbox ciphers from SSL Labs
notice that 11 ciphers are listed
During the production test, we saw the following list of ciphers on secure.authorize.net
Screenshot of production ciphers from SSL Labs
notice that only 8 ciphers are listed
This means 3 ciphers were dropped compared to the sandbox.
How are we supposed to prepare for the end of February if there is inconsistencies like this between SANDBOX (which has been TLS 1.2 only for a long time) and what seems to be the future for production?
Our system actually ran into issues because of this difference and no amount of preparation on our side would have prepared us for this type of issue.
Can you please clarify which ciphers will be supported when the final cutover happens on Feb 28th? And can you make sure that sandbox is configured to match the eventual production setup?
02-12-2018 01:21 PM - edited 02-12-2018 01:27 PM
We ran into the exact same issue.
At first we were worried that we had done something wrong. So we tried the sandbox again and everything worked perfecly. There's not a whole lot of trust in the sandbox, heading into the Feb. 28th disablement right now. Haven't received anything help from live chat, phone calls, or our open ticket.
Information would be much appreciated.
02-16-2018 08:47 AM