TSB-002 - Upcoming SSL Cipher Updates
Who is this article for?
- Client IT/Technical Teams: Those who need to implement technical changes (firewall rules, SSL configurations)
- Client Operations/Management: Decision-makers who need to understand impact and approve changes
No elevated access or permissions are required.
Bulletin Number: TSB-002
Date: January 27, 2025
Product Affected: Maritime Safety (Ideagen Maritime Management/Ideagen Maritime Safety)
Version: All Versions
Ideagen Maritime Technical Service Bulletin
Purpose
The purpose of this Technical Service Bulletin (TSB) is to inform clients about upcoming changes to SSL cipher configurations within the Maritime Safety platform. These updates are part of our ongoing efforts to enhance security, align with industry best practices, and ensure consistency across all environments. This bulletin outlines the planned changes, the timeline for implementation, and the actions required from clients to ensure a seamless transition.
Description of Issue
As part of our commitment to maintaining the highest standards of security and compliance, we are updating the SSL cipher configurations used within the Maritime Safety platform. This update involves the removal of older, less secure SSL ciphers and the adoption of stronger, industry-approved ciphers. The changes will be rolled out in a phased approach, beginning with staging (lab) environments on or after January 27, 2025, followed by production environments after a one-month monitoring period. These updates aim to improve encryption standards, ensure data integrity, and align onboard environments with current security protocols.
What is changing?
- We are removing the following ciphers:
  - ECDHE-RSA-AES256-SHA384
  - ECDHE-RSA-AES256-SHA
  - DHE-RSA-AES128-GCM-SHA256
  - DHE-RSA-AES256-GCM-SHA384
  - DHE-RSA-AES256-SHA256
  - DHE-RSA-AES256-SHA
  - AES256-GCM-SHA384
  - AES128-GCM-SHA256
  - AES256-SHA256
  - AES128-SHA256
  - AES256-SHA
  - AES128-SHA
- Ciphers being supported going forward:
  - TLSv1.3
    - TLS_AES_256_GCM_SHA384
    - TLS_CHACHA20_POLY1305_SHA256
    - TLS_AES_128_GCM_SHA256
  - TLSv1.2
    - ECDHE-RSA-AES128-GCM-SHA256
    - ECDHE-RSA-AES256-GCM-SHA384
    - ECDHE-RSA-CHACHA20-POLY1305
Timeline for Changes
- Staging Environments:
  - Changes will begin on or after January 27, 2025, in staging (lab) environments for each client.
  - We will monitor for any issues in staging for 1 month before proceeding to production.
- Production Environments:
  - Updates to production environments will begin 1 month after staging updates are completed successfully.
Why Are We Making These Changes?
- Enhanced Security: Aligning onboard environments with modern encryption standards, as we previously did for operations environments.
- Compliance: Ensures alignment with industry best practices and regulatory expectations.
- Consistency: Applies the same secure cipher suite configurations across all environments.
Action Required by You
- Firewall & Interface Compatibility Check:
  - Review your environment and interfaces to ensure compatibility with the updated SSL ciphers and protocols.
  - Clients should review and confirm readiness, given previous challenges with TLS 1.1 and 1.0 deprecation.
- Confirm Readiness for Staging Updates:
  - Contact your CSM with your readiness for the staging environment updates.
- Attend a Confirmation Meeting:
  - We will schedule a meeting with each client to review and confirm the planned changes. Please ensure a representative from your team is available for this discussion.
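One way to run the compatibility check offline, as an added example that is not Ideagen tooling: the function below takes a client's colon-separated cipher string in OpenSSL naming (for example, from an integration's TLS configuration) and classifies it against the two lists in this bulletin. The function name, status labels and sample inventory are assumptions made for illustration.

```python
# Added example. Cipher names are copied from this bulletin (OpenSSL naming);
# the client inventory at the bottom is constructed sample data.
REMOVED = frozenset("""
ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
AES256-GCM-SHA384 AES128-GCM-SHA256 AES256-SHA256 AES128-SHA256
AES256-SHA AES128-SHA
""".split())

RETAINED = {
    "TLSv1.3": ("TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256",
                "TLS_AES_128_GCM_SHA256"),
    "TLSv1.2": ("ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-GCM-SHA384",
                "ECDHE-RSA-CHACHA20-POLY1305"),
}

def assess(cipher_string):
    """Classify one client's offered cipher list against the bulletin."""
    offered = [c.strip() for c in cipher_string.split(":") if c.strip()]
    # Retained suites the client offers, grouped by protocol version.
    # A TLSv1.3 suite only helps if TLS 1.3 is also enabled on the client.
    usable = {proto: [c for c in offered if c in suites]
              for proto, suites in RETAINED.items()}
    # Suites the client offers that will no longer be accepted.
    dropped = [c for c in offered if c in REMOVED]
    if any(usable.values()):
        status = "ready"        # at least one retained suite is offered
    elif dropped:
        status = "will-break"   # only suites slated for removal are offered
    else:
        status = "no-match"     # nothing offered appears in this bulletin
    return {"status": status, "usable": usable, "dropped": dropped}

if __name__ == "__main__":
    inventory = {  # constructed sample clients
        "legacy-gateway": "AES256-SHA:AES128-SHA",
        "reporting-api": "TLS_AES_256_GCM_SHA384:"
                         "ECDHE-RSA-AES128-GCM-SHA256:AES128-SHA",
    }
    for name, ciphers in inventory.items():
        result = assess(ciphers)
        print(f"{name}: {result['status']} dropped={result['dropped']}")
```

A "ready" client that still lists dropped suites may negotiate a different cipher after the change, so retest it in staging rather than assuming identical behaviour.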
What Happens Next?
- Following your confirmation, our team will proceed with the staging environment updates.
- Any issues identified during staging will be addressed before moving forward with production updates.
If you have any questions or concerns, or if further clarification is needed, please do not hesitate to contact us at support.tritan@ideagen.com.
Thank you for your attention to this important update.
Acknowledgments
We appreciate your continued support and feedback. Your input is invaluable in helping us improve Maritime Safety. Thank you for your time and attention.
Disclaimer
This Technical Service Bulletin is intended to provide information regarding upcoming changes to SSL cipher configurations within the Maritime Safety platform. While every effort has been made to ensure a smooth transition, clients are responsible for verifying compatibility with their own systems and interfaces. The timeline for implementation is subject to change based on staging environment results and client-specific requirements. If you have concerns or questions about these updates, please contact support.tritan@ideagen.com before the implementation date. Failure to address compatibility issues may impact system performance or accessibility.