Announcement

Xact File Transfer changes: Ciphers and algorithms support

Connectivity | Xact File Transfer

Reference

Code
C21061
Service level
CEU OneClearstream | CBL
Last Updated
24.12.2021

CONNECTIVITY HELPDESK FRANKFURT

E:

connect@clearstream.com

T:

+49-(0) 69-2 11-1 15 80

F:

+49-(0) 69-2 11-61 15 80

Clearstream Banking1 reminds customers that effective

13 June 2022

it will deactivate the following list of connectivity parameters for SSH, HTTP and FTP protocols:

Ssh.KeyExchangeAlgorithms

diffie-hellman-group14-sha1, diffie-hellman-group1-sha1

Ssh.AllowedMacs

hmac-sha1, hmac-md5, hmac-sha1-96, hmac-md5-96

Ssh.Ciphers

aes128-cbc, aes192-cbc, aes256-cbc, 3des-cbc, blowfish-cbc, arcfour, arcfour128, arcfour256

Http.Ssl.EnabledCipherSuites

TLS_EMPTY_RENEGOTIATION_INFO_SCSV,
TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA,

Ftp.Listeners.Ssl.enabledCipherSuites

TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA

Impacted applications

Xact File Transfer

Customers that are still using the above ciphers and algorithms after implementation will be impacted.

No impact is expected for customers with standard and updated file transfer software. It should negotiate the correct connectivity parameters. No impact is expected for customers using the latest versions of web browsers.

To avoid any problem linked with the compatibility, we strongly advise you to conduct tests with your browser, FTP and SFTP tools.

Testing

Should you wish to test your connectivity, you can do so using Clearstream Banking’s OCCT Environment as of 25 February 2022 to avoid any service disruption.

The responsibility to still be using the deprecated ciphers and algorithms after the rollout of the change goes to the customer, as a service disruption will occur.

Further information

For further information, please contact the Clearstream Connectivity Helpdesk.

-------------------------------------------------------

1. Clearstream Banking refers collectively to Clearstream Banking S.A., registered office at 42, avenue John F. Kennedy, L-1855 Luxembourg, and registered with the Luxembourg Trade and Companies Register under number B-9248, and Clearstream Banking AG, registered office at 61, Mergenthalerallee, 65760 Eschborn, Germany and registered in Register B of the Amtsgericht Frankfurt am Main, Germany under number HRB 7500.