Need help on strong ciphers/SSL Certificate for images to load

ssl
cards

#1

Hello Team,

Currently,the organization I work at is facing an issue with Twitter Cards. Here are the details about the issue - When we tried to test our website page with Twitter Card validator tool and it was returning “Fetching the page failed because of other errors.” We did further investigation and found that the issue could be related to our SSL certificate. When we verify the SSL certificate attributes we came to know that we are using the following list of strong ciphers:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

TLS_DHE_RSA_WITH_AES_256_GCM_SHA256

Eventually, we found that the above-listed ciphers are not compatible with Twitter Card because Twitter Cards are using TLS_RSA_WITH_AES_256_CBC_SHA which seems a weak/old cipher. To confirm and validate this scenario, we revert back our cipher settings to “TLS_RSA_WITH_AES_256_CBC_SHA” and Twitter cards were working as expected.

As per our organization’s policy, we want to use the strong ciphers (as listed above) and want Twitter Cards should be functional. In our this is not possible at this moment so, could you please help us to know that by what duration Twitter cards will support the strong ciphers, especially above-mentioned ciphers?


#3

Hi @TheRudyMajid - Twitter’s web crawler currently supports the TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 cipher that you mentioned and explicitly disallows the TLS_RSA_WITH_AES_256_CBC_SHA cipher you say you’ve reverted to.

Could you please share an example URL which we can test against?