Disable weak ciphers
Hello,
I'm trying to disable weak cipher suites using the following: (token and zone ID redacted for security)
curl --request PATCH "https://api.cloudflare.com/client/v4/zones/ZONE_ID_REDACTED/settings/ciphers" --header "Authorization: Bearer TOKEN_REDACTED" --header "Content-Type: application/json" --data '{"value": ["ECDHE-ECDSA-AES128-GCM-SHA256","ECDHE-ECDSA-CHACHA20-POLY1305","ECDHE-RSA-AES128-GCM-SHA256","ECDHE-RSA-CHACHA20-POLY1305","ECDHE-ECDSA-AES256-GCM-SHA384","ECDHE-RSA-AES256-GCM-SHA384", "AEAD-AES128-GCM-SHA256", "AEAD-AES256-GCM-SHA384", "AEAD-CHACHA20-POLY1305-SHA256"]}'
I get the following response:
{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null}
I believe I am following the guide correctly: https://developers.cloudflare.com/ssl/edge-certificates/additional-options/cipher-suites/customize-cipher-suites/#steps-and-api-examples
I have submitted several support tickets but they've been lost, and now I am unable to raise a new one (I am aware of the issues with the support system)
Thanks in advance
I'm trying to disable weak cipher suites using the following: (token and zone ID redacted for security)
curl --request PATCH "https://api.cloudflare.com/client/v4/zones/ZONE_ID_REDACTED/settings/ciphers" --header "Authorization: Bearer TOKEN_REDACTED" --header "Content-Type: application/json" --data '{"value": ["ECDHE-ECDSA-AES128-GCM-SHA256","ECDHE-ECDSA-CHACHA20-POLY1305","ECDHE-RSA-AES128-GCM-SHA256","ECDHE-RSA-CHACHA20-POLY1305","ECDHE-ECDSA-AES256-GCM-SHA384","ECDHE-RSA-AES256-GCM-SHA384", "AEAD-AES128-GCM-SHA256", "AEAD-AES256-GCM-SHA384", "AEAD-CHACHA20-POLY1305-SHA256"]}'
I get the following response:
{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null}
I believe I am following the guide correctly: https://developers.cloudflare.com/ssl/edge-certificates/additional-options/cipher-suites/customize-cipher-suites/#steps-and-api-examples
I have submitted several support tickets but they've been lost, and now I am unable to raise a new one (I am aware of the issues with the support system)
Thanks in advance
Cloudflare Docs
With Advanced Certificate Manager or within Cloudflare for SaaS, you can restrict connections between Cloudflare and clients — such as your visitor’s browser — to specific cipher suites.
