Breaking Change Planned - Disabling Weak Cipher Suites First Rehearsal This Week 9371

Breaking Change Planned - Disabling Weak Cipher Suites First Rehearsal This Week


As a follow-up to our previous post about an upcoming breaking change to the supported cipher suites for the SKY API gateway, we wanted to remind you that this week is our first rehearsal. Rehearsal #1 for this change is scheduled for this Thursday, February 1st at 22:00 GMT (17:00 EST).

The rehearsal duration is 3 hours (until 1:00 GMT (20:00 EST)). We ask that you use this time to ensure that your application continues to work with the planned cipher suite changes. If your application's network configuration is not compatible with this change, your application will lose access to SKY API during this rehearsal. If your application makes SKY API requests from a distributed application architecture or utilizes various technologies, it's possible that only a portion of your application will lose access. Please consider all aspects of your application.

What’s changing?
In an ongoing effort to prioritize security, privacy, and risk management, SKY API is updating its Gateway TLS configuration to remove cipher suites that Blackbaud and the industry has identified as weak. This change will occur on Wednesday, February 28th, 2024. Depending on your application's networking and cipher configuration, these may be breaking changes.The updated list of supported cipher suites include:
For reference, our current supported cipher suites are documented under TLS requirements on the Basics page.

Our next rehearsal is on February 14th. If your application experiences issues during the first rehearsal, you'll have one more opportunity to verify your application's configuration during Rehearsal #2 on Wednesday, February 14th, 2024 at 10:00 GMT (5:00 EST) – 12:00 GMT (7:00 EST).

During rehearsals, if you uncover an issue with your configuration and cannot resolve it using one of the documented cipher suites above, contact the Blackbaud SKY Developer team.
News SKY Developer Announcements 01/30/2024 9:45am EST

Leave a Comment


Rehearsal 1 Finish - The previous cipher suite configuration has been restored to the SKY API Gateway and Rehearsal 1 is complete.

Rehearsal 1 Start - The cipher suite configuration change is in effect for the SKY API Gateway and Rehearsal 1 has begun.