Cipher suites and protocols supported by PayU.
As of 31 May 2018, PayU will only support the below listed cipher and protocol combinations.
The PCI Security Standards Council has mandated that all instances of SSL and early TLS must be upgraded to a secure version of TLS. More info here.
These changes are required due to the rise of compromised cipher suites and protocols online and in the industry. In an continued effort to supply our clients with a safe and secure service, only the below listed ciphers will be supported.
It is highly recommended to test communication / integration against PayU's staging environment before 31 May 2018 in order to assure uninterrupted service.
Staging API : https://staging.payu.co.za/service/PayUAPI
Please refer this communication to your technical / development teams as soon as possible in order to test your compatibility.
It is the merchants responsibility to ensure that these changes are catered for. Failure to do so may result in an inability to communicate with PayU’s platform.
Please note that PayU cannot directly assist in determining whether your system will support these changes or not.
Supported protocols:
TLS 1.2
Supported cipher suites:
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)
Q&A:
What is a Cipher Suite?
A cipher suite is basically a complete set of methods (technically known as algorithms) needed to secure a network connection through SSL (Secure Sockets Layer) / TLS (Transport Layer Security).
This is the security protocol used by modern internet browsers to secure your information.
What is Perfect Forward Secrecy?