CBC / Java 7 Cipher Removal
Scheduled Maintenance Report for Ping Identity
Completed
The scheduled maintenance has been completed.
Posted Nov 04, 2021 - 09:41 UTC
Update
All .EU and .AU services plus .com critical path (MFA/SSO) services have already been completed. Only non-critical path services remain to be rolled on .com which will begin it's 2nd change window after North American business hours.
Our support teams have worked with customers impacted by the removal of these ciphers, in many cases swiftly assisting the identification of solutions. If you have any TLS handshake issues with Ping services, after this update, the team stand ready to assist https://support.pingidentity.com/s/
Posted Nov 03, 2021 - 21:46 UTC
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Nov 02, 2021 - 17:00 UTC
Scheduled
This is the final change in the series, which deprecates ciphers which are obsolete by modern standards.

The following cipher will be removed from operation
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
The cipher will be removed from all endpoints in all regions.

Additionally the following ciphers will be removed from the PingID's Authenticator and IDP services for .com as these were reverted previously to assist a customer.
• TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
• TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
• TLS_DHE_RSA_WITH_AES_256_CBC_SHA
• TLS_RSA_WITH_3DES_EDE_CBC_SHA

Java 7 applications using the platforms will no longer connect after this date unless they have update 191 or higher. Java 8 and 11 are both compatible, and will already use the GCM ciphers instead of these.

The change begins at 17:00 UTC November 2, 2021. .EU will be updated first, then .COM followed by .COM.AU. The change could take 48hrs in total to run in all regions (during off-peak times only) due to the size of the estate. We cannot detail precise times per application per region as they can vary and because uptime will not be affected during what otherwise would be regular maintenance.

if you have any questions please reach out via https://support.pingidentity.com
Posted Oct 19, 2021 - 20:23 UTC
This scheduled maintenance affected: PingOne (PingOne for Enterprise & PingOne SSO for SaaS Applications) (Administration API, Administration Portal, AD Connect & Routing Service, Single Sign-on, OAuth Configuration Service, PingOne dock - North America (.com), PingOne dock - Europe (.eu), PingOne dock - Australia (.com.au), Directory Login - North America (.com), Directory Login - Europe (.eu), Directory Login - Australia (.com.au), Directory API - North America (.com), Directory API - Europe (.eu), Directory API - Australia (.com.au), Office365 Service - North America (.com), Office365 Service - Europe (.eu), Office365 Service - Australia (.com.au)) and PingID (PingID Authenticator - North America (.com), PingID Authenticator - Europe (.eu), PingID Authenticator - Australia (.com.au), PingID Server - North America (.com), PingID Server - Europe (.eu), PingID Server - Australia (.com.au), PingID SDK Server - North America (.com), PingID SDK Server - Australia (.com.au), PingID SDK Server - Europe (.eu)).