Developer Group for CMS Blue Button API
Hello,
Akamai, which the Blue Button 2.0 API utilizes, is making an update to their required Ciphers. This will be occurring on May 27th, 2024 for the Blue Button 2.0 API Production environment.
Our sandbox environment is currently limited to the Ciphers required in the update. This means that if apps are currently working in sandbox, they will not need to make a change.
All other developers will want to make sure that their chosen API request library and browser supports are adjusted to meet this new requirement. The new requirement is TLS 1.2 at a minimum, with TLS 1.3 recommended . We are also limiting to the following Cipher suites:
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
If you have any questions, please do not hesitate to let us know.
-The Blue Button 2.0 API