TLS Connections in PCF Deployments

Pivotal Cloud Foundry (PCF) uses Transport Layer Security (TLS) protocols to secure connections between internal components and customer hardware.

Within a PCF deployment, TLS secures connections between components like the Ops Manager Director and service tiles. PCF components also use TLS connections to secure communications with external hardware, such as customer load balancers.

By default, PCF uses a limited set of cipher suites and TLS versions to secure connections.

The TLS versions and cipher suites PCF supports are in the table below.

PCF version: 1.10
TLS version: 1.2
Supported cipher suites:
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
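
One way to check an endpoint against the TLS version and cipher suites listed for PCF 1.10, using Python's standard `ssl` module. This is an added example, not PCF tooling: the function names and the `example.internal` hostnames are constructed for illustration, and the OpenSSL-style cipher names are the equivalents of the IANA names listed on this page.

```python
import socket
import ssl

# IANA names listed on this page, mapped to the OpenSSL names that
# Python's ssl module and `openssl s_client` report after a handshake.
PCF_1_10_SUITES = {
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256": "DHE-RSA-AES128-GCM-SHA256",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384": "DHE-RSA-AES256-GCM-SHA384",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": "ECDHE-RSA-AES128-GCM-SHA256",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": "ECDHE-RSA-AES256-GCM-SHA384",
}
ALLOWED_VERSION = "TLSv1.2"

def policy_context():
    """Client context that offers only TLS 1.2 and the four listed suites."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(":".join(PCF_1_10_SUITES.values()))
    return ctx

def check_negotiated(version, cipher):
    """Return findings for one negotiated (version, cipher) pair; [] means ok."""
    findings = []
    if version != ALLOWED_VERSION:
        findings.append(f"protocol {version} is not {ALLOWED_VERSION}")
    openssl_name = PCF_1_10_SUITES.get(cipher, cipher)  # accept either naming
    if openssl_name not in PCF_1_10_SUITES.values():
        findings.append(f"cipher {cipher} is outside the documented set")
    return findings

def probe(host, port=443, ctx=None, timeout=5.0):
    """Handshake with host and audit what was negotiated.

    With the default context the server picks from a broad offer, which
    shows what it prefers; pass policy_context() to confirm that it
    accepts a client restricted to the documented set.
    """
    ctx = ctx or ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return check_negotiated(tls.version(), tls.cipher()[0])

if __name__ == "__main__":
    # Constructed observations: (endpoint, negotiated version, cipher).
    sample = [
        ("opsman.example.internal", "TLSv1.2", "ECDHE-RSA-AES256-GCM-SHA384"),
        ("lb.example.internal", "TLSv1.2", "ECDHE-RSA-AES128-SHA"),
        ("tile.example.internal", "TLSv1.1", "AES128-SHA"),
    ]
    for endpoint, version, cipher in sample:
        print(endpoint, check_negotiated(version, cipher) or "ok")
```

A handshake failure from `probe(host, ctx=policy_context())` means the endpoint shares no protocol or suite with the documented set, which is worth checking on customer load balancers placed in front of PCF components.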