A month ago I obtained 2 certificates from Lets Encrypt. One is installed on a Windows server and the other one on a Linux server. Both servers work OK with https, i.e. the browsers recognize the certificates without errors.
We also have an interface from the previously mentioned servers to a payment gateway (=external company) and the communication with that gateway does not work properly. The support people from the gateway tell me that our server must support at least 1 (of a list of 6) of their cipher suites, for instance “SSL_RSA_WITH_AES_256_CBC_SHA” or “SSL_RSA_WITH_3DES_EDE_CBC_SHA”. All their cipher suites start with “SSL_…”.
When I use a tool to check our certificates ( [https://cryptoreport.websecurity.symantec.com/checker/views/certCheck.jsp ) I see that all cipher suites enabled on our server start with “TLS_” for instance “TLS-RSA-WITH-3DES-EDE_CBC-SHA (0x000A)”.
I also noticed that the Linux server has more suites enabled then the windows server.
So my questions and doubts are:
- Can or does LetsEncrypt certificates support cipher suites with “SSL_…”. The process of generating them does not ask anything about cipher suites to be supported.
- Do ciphering suites depend on other software installed on the operating system, like extra crypto modules, or…?
Thanks for any help.
/Antoine