Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Current »

TLS versions

We only support modern SSL/TLS versions. This means we do not support:

  • SSL of any version,

  • TLSv1.0 and

  • TLSv1.1

Supported TLS versions

TLSv1.2, TLSv1.3

Certificate Issuers

We currently use two CA to issue our server certificates.

 Expand to see reasons why we use two CAs

We use Let’s Encrypt to issue certificates for our services that are exposed via nginx-ingress.

On top of that we use let’s Encrypt to protect PHR UI.

The only place we use Google as a CA is with HL7.

Google

C=US, O=Google Trust Services, CN=WR1

Let’s Encrypt

Let’s Encrypt offers four subordinate certificates for signing requests. Out of which we can use only two that are using RSA encryption algorithm.

C = US, O = Let's Encrypt, CN = R10
C = US, O = Let's Encrypt, CN = R11
  • No labels