Compose Database-as-a-Service Help and Documentation

Everything you need to know about Compose, Hosted or Enterprise, is here in our help system. Whether you run one database for your businesses' sole application or six different databases to support an entire corporation, we've got the information you need.

Compose Encryption

Documenting the types of encryption Compose deployments support

Supported Versions

TLS 1.0*, TLS 1.1 and 1.2

Unsupported versions

No SSL (v2, v3 -- or other variations)
No RC4 or other weak cipher suites

Cipherscan results

For reference and verification, these are the results of running cipherscan against a Compose deployment:

Target: aws-us-east-1-portal.8.dblayer.com:10770

prio  ciphersuite                  protocols              pfs                 curves
1     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                ECDH,P-256,256bits  prime256v1
2     ECDHE-RSA-AES256-SHA384      TLSv1.2                ECDH,P-256,256bits  prime256v1
3     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits  prime256v1
4     AES256-GCM-SHA384            TLSv1.2                None                None
5     AES256-SHA256                TLSv1.2                None                None
6     AES256-SHA                   TLSv1,TLSv1.1,TLSv1.2  None                None
7     CAMELLIA256-SHA              TLSv1,TLSv1.1,TLSv1.2  None                None
8     ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                ECDH,P-256,256bits  prime256v1
9     ECDHE-RSA-AES128-SHA256      TLSv1.2                ECDH,P-256,256bits  prime256v1
10    ECDHE-RSA-AES128-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits  prime256v1
11    AES128-GCM-SHA256            TLSv1.2                None                None
12    AES128-SHA256                TLSv1.2                None                None
13    AES128-SHA                   TLSv1,TLSv1.1,TLSv1.2  None                None
14    SEED-SHA                     TLSv1,TLSv1.1,TLSv1.2  None                None
15    CAMELLIA128-SHA              TLSv1,TLSv1.1,TLSv1.2  None                None

Certificate: untrusted, 2048 bits, sha512WithRSAEncryption signature
TLS ticket lifetime hint: 300
OCSP stapling: not supported
Cipher ordering: server
Curves ordering: server - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes

Updated 7/April/2016
* TLSv1.0 is temporarily restored. Please update clients to use TLSv1.1 or, ideally, TLSv1.2 as soon as possible.

Compose Encryption

Documenting the types of encryption Compose deployments support