TLS v1.2 cipher suites

Prisma Cloud Compute uses the Go programming language cryptographic libraries to protect all network communications via the Transport Layer Security (TLS) v1.2 protocol.

Prisma Cloud Compute Self-Hosted

Access to the user interface (UI) and API is protected using server-side TLS v1.2 authentication. The cipher suites offered by the Console adhere to NIST SP800-52r2 guidance:
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
The Console enforces HTTP Strict Transport Security (HSTS).

Validating Console’s UI and API TLS cipher suites

Use nmap to confirm the cipher suites supported by the Console.
  1. Install nmap
  2. Call the Console’s UI/API endpoint (default TCP port 8083) to enumerate the cipher suites supported by the Console.
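
As an added example (not part of the product documentation), the script below checks saved output of nmap's `ssl-enum-ciphers` script against the six suites listed above and flags any protocol version other than TLSv1.2. The function names, the `scan.txt` file name and the sample scan are constructed for illustration; `<console-host>` is a placeholder.

```shell
# Suites documented for the Console (copied from the list on this page).
DOCUMENTED='TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA'

# Protocol versions listed in ssl-enum-ciphers output read from stdin.
offered_protocols() { grep -oE '(SSLv[0-9]|TLSv[0-9]\.[0-9]):' | tr -d ':' | sort -u; }

# Offered suites that are not in the documented list (stdin: nmap output).
unexpected_suites() {
  grep -oE 'TLS_[A-Z0-9_]+' | sort -u | while read -r suite; do
    printf '%s\n' "$DOCUMENTED" | grep -qxF "$suite" || printf '%s\n' "$suite"
  done
}

# Succeeds only if the scan shows TLSv1.2 alone and no undocumented suite.
check_console_tls() {
  scan=$(cat)
  protos=$(printf '%s\n' "$scan" | offered_protocols | grep -vx 'TLSv1.2' || true)
  suites=$(printf '%s\n' "$scan" | unexpected_suites)
  for p in $protos; do echo "unexpected protocol: $p"; done
  for s in $suites; do echo "undocumented suite: $s"; done
  [ -z "$protos$suites" ]
}

# Constructed sample output, not captured from a real Console: a TLS 1.0
# listener with a 3DES suite has been added to show a failing scan.
sample_scan() {
  cat <<'EOF'
8083/tcp open  us-srv
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
EOF
}

# Real use: nmap --script ssl-enum-ciphers -p 8083 <console-host> > scan.txt
if [ -n "${1:-}" ]; then check_console_tls < "$1"
else sample_scan | check_console_tls || echo "sample scan fails, as constructed"; fi
```

A Console presenting an RSA certificate cannot negotiate the ECDSA suites, so the script accepts a scan that shows only a subset of the documented list and reports only extras.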