OkHttp tracks the dynamic TLS ecosystem to balance connectivity and security. This page is a log of changes we've made over time to OkHttp's default TLS options.
2019-03-14
Remove 2 TLSv1.3 cipher suites that are neither available on OkHttp’s host platforms nor enabled in releases of Chrome and Firefox.
- TLS_AES_128_GCM_SHA256¹
- TLS_AES_256_GCM_SHA384¹
- TLS_CHACHA20_POLY1305_SHA256¹
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- REMOVED: TLS_AES_128_CCM_SHA256¹
- REMOVED: TLS_AES_128_CCM_8_SHA256¹
- TLS_AES_128_GCM_SHA256¹
- TLS_AES_256_GCM_SHA384¹
- TLS_CHACHA20_POLY1305_SHA256¹
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA²
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_AES_128_GCM_SHA256²
- TLS_RSA_WITH_AES_256_GCM_SHA384²
- TLS_RSA_WITH_AES_128_CBC_SHA²
- TLS_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_3DES_EDE_CBC_SHA²
- REMOVED: TLS_AES_128_CCM_SHA256¹
- REMOVED: TLS_AES_128_CCM_8_SHA256¹
2019-02-04
Remove TLSv1.1 and TLSv1 from MODERN_TLS. Change COMPATIBLE_TLS to support all TLS versions.
- TLSv1.3
- TLSv1.2
- TLSv1.3
- TLSv1.2
- REMOVED: TLSv1.1
- REMOVED: TLSv1
- NEW: TLSv1.3
- NEW: TLSv1.2
- NEW: TLSv1.1
- TLSv1
2018-11-16
Added support for TLSv1.3.
- NEW: TLS_AES_128_GCM_SHA256¹
- NEW: TLS_AES_256_GCM_SHA384¹
- NEW: TLS_CHACHA20_POLY1305_SHA256¹
- NEW: TLS_AES_128_CCM_SHA256¹
- NEW: TLS_AES_128_CCM_8_SHA256¹
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- NEW: TLS_AES_128_GCM_SHA256¹
- NEW: TLS_AES_256_GCM_SHA384¹
- NEW: TLS_CHACHA20_POLY1305_SHA256¹
- NEW: TLS_AES_128_CCM_SHA256¹
- NEW: TLS_AES_128_CCM_8_SHA256¹
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA²
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_AES_128_GCM_SHA256²
- TLS_RSA_WITH_AES_256_GCM_SHA384²
- TLS_RSA_WITH_AES_128_CBC_SHA²
- TLS_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_3DES_EDE_CBC_SHA²
- NEW: TLSv1.3
- TLSv1.2
- NEW: TLSv1.3
- TLSv1.2
- TLSv1.1
- TLSv1
- TLSv1
2018-07-12
Added a new extra strict RESTRICTED_TLS configuration inspired by Google Cloud’s similar policy. It is appropriate when both the host platform (JVM/Conscrypt/Android) and target webserver are current.
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLSv1.2
2018-02-24
Remove two rarely-used cipher suites from the default set. This tracks a Chromium change to remove these cipher suites because they are fragile and rarely-used.
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA²
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_AES_128_GCM_SHA256²
- TLS_RSA_WITH_AES_256_GCM_SHA384²
- TLS_RSA_WITH_AES_128_CBC_SHA²
- TLS_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_3DES_EDE_CBC_SHA²
- REMOVED: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- REMOVED: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
2016-11-30
Remove three old cipher suites and add five new ones. This tracks changes in what's available on Android and Java, and also what cipher suites recent releases of Chrome and Firefox support by default.
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- NEW: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- NEW: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- NEW: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- NEW: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA²
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA²
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA²
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_AES_128_GCM_SHA256²
- NEW: TLS_RSA_WITH_AES_256_GCM_SHA384²
- TLS_RSA_WITH_AES_128_CBC_SHA²
- TLS_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_3DES_EDE_CBC_SHA²
- REMOVED: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- REMOVED: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- REMOVED: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
2016-01-13
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA²
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA²
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA²
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA²
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA²
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_AES_128_GCM_SHA256²
- TLS_RSA_WITH_AES_128_CBC_SHA²
- TLS_RSA_WITH_AES_256_CBC_SHA²
- TLS_RSA_WITH_3DES_EDE_CBC_SHA²
- TLSv1.2
- TLSv1.1
- TLSv1
- TLSv1
¹ Cipher suites that are only available with TLSv1.3.
² Cipher suites that are discouraged for use with HTTP/2. OkHttp includes them because better suites are not commonly available. For example, none of the better cipher suites listed above shipped with Android 4.4 or Java 7.
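Because these defaults change between releases and depend on what the host platform ships, it helps to audit what a given deployment actually resolves to. The following is an added example, not part of the OkHttp documentation: it prints the TLS versions and cipher suites of each built-in `ConnectionSpec` in the OkHttp version on the classpath and marks which ones the JVM's default `SSLContext` supports. The class name `TlsSpecAudit` is an assumption, and the code assumes an OkHttp release that includes `RESTRICTED_TLS`.

```java
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import okhttp3.CipherSuite;
import okhttp3.ConnectionSpec;
import okhttp3.TlsVersion;

// Hypothetical audit class (added example, not OkHttp code).
public final class TlsSpecAudit {
  private static String mark(Set<String> platform, String name) {
    return (platform.contains(name) ? "  [supported]   " : "  [unavailable] ") + name;
  }

  public static void main(String[] args) throws Exception {
    // Everything the host platform's default TLS provider is able to negotiate.
    SSLParameters supported = SSLContext.getDefault().getSupportedSSLParameters();
    Set<String> platformSuites = new TreeSet<>(Arrays.asList(supported.getCipherSuites()));
    Set<String> platformVersions = new TreeSet<>(Arrays.asList(supported.getProtocols()));

    Map<String, ConnectionSpec> specs = new LinkedHashMap<>();
    specs.put("RESTRICTED_TLS", ConnectionSpec.RESTRICTED_TLS);
    specs.put("MODERN_TLS", ConnectionSpec.MODERN_TLS);
    specs.put("COMPATIBLE_TLS", ConnectionSpec.COMPATIBLE_TLS);

    for (Map.Entry<String, ConnectionSpec> e : specs.entrySet()) {
      ConnectionSpec spec = e.getValue();
      System.out.println(e.getKey());

      // A null list means the spec defers to whatever the socket has enabled.
      List<TlsVersion> versions = spec.tlsVersions();
      if (versions != null) {
        for (TlsVersion v : versions) {
          System.out.println(mark(platformVersions, v.javaName()));
        }
      }
      List<CipherSuite> suites = spec.cipherSuites();
      if (suites != null) {
        for (CipherSuite s : suites) {
          System.out.println(mark(platformSuites, s.javaName()));
        }
      }
    }
  }
}
```

A suite marked unavailable is silently skipped during the handshake, so a spec whose suites are all unavailable on an old platform cannot connect at all.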