Change the TLS version used by my prismic site

shay · January 16, 2025, 11:57am

Hi!

There are a few vulnerabilities in the TLS version used by my prismic site. Is it possible to control the TLS version or the ciphers that are enabled?

Thanks!

Pau · January 22, 2025, 3:29am

Hey! Could you clarify what you mean by TLS in this context?

Phil · February 12, 2025, 3:21pm

Hi!

Prismic’s infrastructure manages TLS termination, so you cannot directly control the TLS version or ciphers used for your Prismic site.

All communication between the user's web browser or your middleware and Prismic servers is done using HTTPS and encrypted using Transport Layer Security (TLS) version 1.2. Data transferred within Prismic, for instance between EC2 instances and S3 storage facilities, is secured via SSL endpoints using the HTTPS protocol.

Upgrade API Calls (If Client-Side)

If you’re making API requests to Prismic (e.g., via a Next.js, Nuxt, or SvelteKit app), ensure your server enforces TLS 1.2 in HTTP clients (Axios, Fetch, Node.js HTTPS).

Topic		Replies	Views
Socket errors using the prismic-javascript Developing with Prismic nextjs	13	1646	December 9, 2021
Question: Security Review for @prismicio/client 7.12.0 Package Developing with Prismic javascript , nodejs	1	26	November 28, 2024
CSP (Content Security Policy) Developing with Prismic	7	906	March 7, 2022
Security Header X-Content-Type-Options and Prismic Previews Developing with Prismic nextjs	3	959	December 9, 2021
Nodejs SSL issues with connection to prismic api Developing with Prismic nodejs	3	2122	December 9, 2021

Change the TLS version used by my prismic site

Related topics