Cloudflare Docs
SSL/TLS
SSL/TLS
Edit this page
Report an issue with this page
Log into the Cloudflare dashboard
Set theme to dark (⇧+D)

Supported cipher suites

Cloudflare supports the following cipher suites by default. If needed, you can restrict your website or application to only use specific cipher suites.

Cipher nameMinimum protocolSecurity recommendationCipher suiteIANA name
ECDHE-ECDSA-AES128-GCM-SHA256TLS 1.2Modern[0xc02b]TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
ECDHE-ECDSA-CHACHA20-POLY1305TLS 1.2Modern[0xcca9]TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
ECDHE-RSA-AES128-GCM-SHA256TLS 1.2Modern[0xc02f]TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDHE-RSA-CHACHA20-POLY1305TLS 1.2Modern[0xcca8]TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
ECDHE-ECDSA-AES128-SHA256TLS 1.2Compatible[0xc023]TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
ECDHE-ECDSA-AES128-SHATLS 1.0Legacy[0xc009]TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
ECDHE-RSA-AES128-SHA256TLS 1.2Compatible[0xc027]TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
ECDHE-RSA-AES128-SHATLS 1.0Legacy[0xc013]TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
AES128-GCM-SHA256TLS 1.2Legacy[0x9c]TLS_RSA_WITH_AES_128_GCM_SHA256
AES128-SHA256TLS 1.2Legacy[0x3c]TLS_RSA_WITH_AES_128_CBC_SHA256
AES128-SHATLS 1.0Legacy[0x2f]TLS_RSA_WITH_AES_128_CBC_SHA
ECDHE-ECDSA-AES256-GCM-SHA384TLS 1.2Modern[0xc02c]TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
ECDHE-ECDSA-AES256-SHA384TLS 1.2Compatible[0xc024]TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
ECDHE-RSA-AES256-GCM-SHA384TLS 1.2Modern[0xc030]TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ECDHE-RSA-AES256-SHA384TLS 1.2Compatible[0xc028]TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
ECDHE-RSA-AES256-SHATLS 1.0Legacy[0xc014]TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
AES256-GCM-SHA384TLS 1.2Legacy[0x9d]TLS_RSA_WITH_AES_256_GCM_SHA384
AES256-SHA256TLS 1.2Legacy[0x3d]TLS_RSA_WITH_AES_256_CBC_SHA256
AES256-SHATLS 1.0Legacy[0x35]TLS_RSA_WITH_AES_256_CBC_SHA
DES-CBC3-SHATLS 1.0Legacy[0x0a]TLS_RSA_WITH_3DES_EDE_CBC_SHA
AEAD-AES128-GCM-SHA256 1TLS 1.3Modern{0x13,0x01}TLS_AES_128_GCM_SHA256
AEAD-AES256-GCM-SHA384 1TLS 1.3Modern{0x13,0x02}TLS_AES_256_GCM_SHA384
AEAD-CHACHA20-POLY1305-SHA256 1TLS 1.3Modern{0x13,0x03}TLS_CHACHA20_POLY1305_SHA256

  1. Automatically supported by your zone if you enable TLS 1.3. TLS 1.3 uses the same cipher suite space as previous versions of TLS, but defines these cipher suites differently. TLS 1.3 only specifies the symmetric ciphers and cannot be used for TLS 1.2. Similarly, TLS 1.2 and lower cipher suites cannot be used with TLS 1.3 (IETF TLS 1.3 draft 21). BoringSSL also hard-codes cipher preferences in this order for TLS 1.3. ↩︎ ↩︎ ↩︎