TLS versions
Gr4vy supports and requires TLS 1.2 or TLS 1.3 for all API connections. To ensure the security of data and maintain PCI compliance, older protocols are strictly unsupported:- SSL (all versions)
- TLS 1.0
- TLS 1.1
Cipher suites
Gr4vy accepts connections using the following cipher suites. Please ensure your client supports at least one of these suites.| TLS Version | Cipher Suite |
|---|---|
| TLS 1.3 | TLS_AES_128_GCM_SHA256 |
TLS_AES_256_GCM_SHA384 | |
TLS_CHACHA20_POLY1305_SHA256 | |
| TLS 1.2 | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 |
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
Server name indication (SNI)
Server name indication (SNI) is required for all API requests. Your HTTP client must support and send the SNI extension during the TLS handshake to ensure the correct certificate is presented.Webhooks
For Gr4vy to successfully deliver webhooks, your receiving endpoint’s server must also support the TLS versions and cipher suites listed preceding. Gr4vy cannot deliver webhooks to servers that do not meet these security standards.Testing connectivity
You can verify your system’s ability to connect to Gr4vy using the followingcurl command to reach the sandbox environment: