Changes for page R24 - Single lane

Last modified by Erik Bakker on 2023/03/03 11:28
From version 6.1
edited by Erik Bakker
on 2023/03/03 11:28
Change comment: There is no comment for this version
To version 2.2
edited by eMagiz
on 2022/10/06 08:30
Change comment: Update document after refactoring.

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -R24 - Single lane
1 +R23 - Single lane
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.ebakker
1 +XWiki.eMagiz
Content
... ... @@ -1,15 +1,16 @@
1 -Non service affecting final template to use the R24 single lane release. To use the new R24 release of our cloud template we upgrade in one steps, the update is non service affecting.
1 +Service affecting template; in order to update to this cloud template there is only a single step required.
2 2  
3 3  **Overview**
4 -* This update improves security in the backup zone when hosted in AWS.
4 +This update changes the Carwash (See https://docs.emagiz.com/bin/view/Main/eMagiz%20Academy/Fundamentals/fundamental-emagiz-cloud-inner-workings). Note that using this new version of the Carwash involves a DNS change, and thus relies on clients honoring TTLs of DNS records. This update also changes the IP adresses used in the infrastructure. For more details, please contact Expert Services. Furthermore, TLSv1.0 is disabled in this update. Verify legacy software can handle atleast TLSv1.1 before updating.
5 5  
6 6  **Updates**
7 -* This update improves security in the backup zone when hosted in AWS.
7 + * Changed ciphers and cipher suites
8 + * Disabled TLS V1.0 support and enable TLS V1.3 support
9 + * IP addresses available for the new car wash
10 + ** eu-central-1a: 35.158.46.28
11 + ** eu-central-1b: 3.74.190.88
8 8  
9 -**Update Steps**
10 -* Use the final R24 template (non service affecting) (duration: 4 minutes)
11 -* User actions after applying the final template:
12 -** Check if all runtimes are reachable by the runtime dashboard.
13 -** Check if all flows have been installed according to the active release.
14 -** Check if messages pass through the bus by verifying a critical message flow in external systems.
15 15  
14 +**Technical notes**
15 +• Supported Ciphers in OpenSSL Format: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:DHE-RSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS@SECLEVEL=1
16 +• Supported TLS Versions: TLSv1.1, TLSv1.2 and TLSv1.3