Important notes for SSL Support with CMaps Analytics and Google Maps

Suggested standards for TLS clients

    • While TLS 1.0 is sufficient we suggest upgrading to TLS 1.2 now.
    • A server name indication (SNI) extension should be included in the handshake containing the domain that’s being connected to.
    • The cipher suite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 should be supported with P-256 and uncompressed points. Please note this cipher suite is available in TLS 1.2 only.
    • The certificates in should be trusted.
    • Certificate handling should support DNS Subject Alternative Names and those SANs may include a single wildcard as the left-most label in the name.

To make testing easy, we’ve set up, which requires the first 3 standards above to be met in order to make a successful connection (note: this host is slightly over-restrictive, requiring TLS 1.2). If your TLS client can’t connect to that host, update your libraries or configuration.

Support Articles

Enable SSL Support