Using TLS Protocols v1.2+ with Arc
Using TLS Protocols v1.2+ with Arc
To harden Arc for production environments, you can restrict Arc to only use TLS v1.2+ and a set of known-secure cipher suites.
Configuration
Open settings.yml in the Arc installation directory and add the following parameter:
usesecuretls: trueSave the file and restart Arc for the change to take effect.
Supported Cipher Suites
When usesecuretls: true is set, Arc will only accept connections using these cipher suites:
Cipher Suite |
|---|
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 |
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 |
Additional Information
More information about all available security settings can be found in the settings.sample.yml file located inside the Arc installation directory.
Related Pages
Enabling TLS Protocols in Arc — full security settings reference