Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Cloud WAF Certificate

    Posted 05-01-2020 15:38
    Does Cloud WAF support Elliptical Curve Cryptography on customer supplied certificates when onboarding a website ?
    #CloudWAF(formerlyIncapsula)

    ------------------------------
    Robert Kemeny
    NCSi
    Bountiful UT
    ------------------------------


  • 2.  RE: Cloud WAF Certificate

    Posted 05-01-2020 17:13
    @Robert Kemeny, I spoke to @phil Klassen (csp) - Imperva and @Peter Klimek, some of the Imperva experts and they said, we support Diffie Hellman E ciphers - the answer is yes we do. This is ECDHE which we do support and generally most browsers will use as the default option in negotiating TLS connections. Does this answer your question? 



    ------------------------------
    Christopher Detzel
    Community Manager
    Imperva
    ------------------------------



  • 3.  RE: Cloud WAF Certificate
    Best Answer

    Posted 05-04-2020 13:50
    @Robert Kemeny

    Also, ECC  or ECDSA are not support, at this moment Imperva use all of our certificates are RSA ones.
    Currently we don't support it as part of CWAF and there is no ETA. We are checking to see if it's possible to use custom cert and not from Imperva. 

    Here is some documentation that could help
    Web Protection - SSL/TLS 

    Supported cipher suites

    TLS 1.3

    TLS_AES_128_GCM_SHA256

    TLS_CHACHA20_POLY1305_SHA256

    TLS_AES_256_GCM_SHA384

    TLS 1.2

    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

    TLS_RSA_WITH_AES_128_GCM_SHA256

    TLS_RSA_WITH_AES_256_GCM_SHA384

    TLS_RSA_WITH_AES_128_CBC_SHA256

    TLS_RSA_WITH_AES_256_CBC_SHA256

    TLS_RSA_WITH_AES_128_CBC_SHA

    TLS_RSA_WITH_AES_256_CBC_SHA

    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA



    ------------------------------
    Christopher Detzel
    Community Manager
    Imperva
    ------------------------------