Support
Documentation
Quick Start
System Status
Feature Requests
Compliance
API Docs
menu icon

This website stores cookies on your computer

These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see the privacy policy.

If you reject, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference not to be tracked.

Learn More
Basic interactions & functionalities

These cookies will allow us to better understand how you’re using our website, evaluate and improve our performance and ultimately provide a better experience.

Advertisement Cookies

These cookies will allow us to evaluate your preferences, build your interest profile and help you see ads that are more useful, and more relevant to your interests.

  1. Home
  2.  / Reference
  3.  / TLS Reference

TLS Reference

On This Page:

Objective

This document provides information on the TLS versions and cipher suites supported for the HTTP load balancers and associated origin pools. For more information on load balancers, see Load Balancing and Service Mesh.

The TLS versions and cipher suites mentioned in this guide are supported for the following Volterra entities:

  • HTTPS Load Balancer with Automatic Certificate
  • HTTPS Load Balancer with Custom Certificate/Bring Your Own Certificate (BYOC)
  • Origin Pool (origin servers that use TLS)

Use the information provided in this guide to understand the TLS security levels and associated cipher suites.

TLS Versions and Cipher Suites

Volterra provides predefined security levels that apply a minimum and maximum TLS versions and associated cipher suites for the levels. You can select the security levels or apply custom TLS security settings in VoltConsole. The following table lists the TLS security levels and associated cipher suites:

Security Level TLS Versions Cipher Suites Details
Default Minimum TLS 1.2
Maximum TLS 1.3		 TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
 Applied by default. This is also the high security level.
Medium Minimum TLS 1.0
Maximum TLS 1.3		 Cipher Suites of Default Level
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 Selecting medium security level also gets the cipher suites of default or high security levels.
Low Minimum TLS 1.0
Maximum TLS 1.3		 Cipher Suites of Default and Medium Levels
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
 Selecting low security level also gets the cipher suites of default and medium levels.

Note: The HTTPS load balancer with automatic certificate uses default security level by default.

© 2021 Volterra Inc. All rights reserved