Stay up to date about the latest news & updates

Rabobank and the cipher suite announcement

Recently the Rabobank has sent out a message to their Omnikassa users about deprecating certain cipher suites. A cryptic message to most users but let us try to explain what they are saying. To be very clear, this has nothing to do with RO Payments.

Whenever your server (where your website runs) makes a connection with the Rabobank server to perform a transaction you want that connection to be secure. A cipher suite is a set of algorithms that help secure this connection, think of a cipher suite as a language. So if your server does not speak the  language that the Rabobank server speaks, they will not understand each other. So the Rabobank is asking you to check if your server can speak one of these languages (cipher suites):

  • TLS-AES-256-GCM-SHA384
  • TLS-CHACHA20-POLY1305-SHA256
  • TLS-AES-128-GCM-SHA256

This is usually a question you would forward to your hosting provider to confirm that any one of these cipher suites is present on your server.

In case your hosting provider does not know what you are talking about, tell them to use the following command:

/usr/bin/openssl ciphers -v

This will give them a list of available cipher suites to check if there is any supported one from the Rabobank available.