TLS parameters - v1

Owned by Tamás Utasi
Last updated: Nov 07, 2024
1 min read

TLS versions

We only support modern SSL/TLS versions. This means we do not support:

  • SSL of any version,

  • TLSv1.0 and

  • TLSv1.1

Supported TLS versions

TLSv1.2, TLSv1.3

Certificate Issuers

We currently use two CA to issue our server certificates.

We use Let’s Encrypt to issue certificates for our services that are exposed via nginx-ingress.

On top of that we use let’s Encrypt to protect PHR UI.

The only place we use Google as a CA is with HL7.

Google

C=US, O=Google Trust Services, CN=WR1

Let’s Encrypt

Let’s Encrypt offers four subordinate certificates for signing requests. Out of which we can use only two that are using RSA encryption algorithm.

C = US, O = Let's Encrypt, CN = R10
C = US, O = Let's Encrypt, CN = R11