Skip to main content

TLS versions

Gr4vy supports and requires TLS 1.2 or TLS 1.3 for all API connections. To ensure the security of data and maintain PCI compliance, older protocols are strictly unsupported:
  • SSL (all versions)
  • TLS 1.0
  • TLS 1.1

Cipher suites

Gr4vy accepts connections using the following cipher suites. Please ensure your client supports at least one of these suites.

Server name indication (SNI)

Server name indication (SNI) is required for all API requests. Your HTTP client must support and send the SNI extension during the TLS handshake to ensure the correct certificate is presented.

Webhooks

For Gr4vy to successfully deliver webhooks, your receiving endpoint’s server must also support the TLS versions and cipher suites listed preceding. Gr4vy cannot deliver webhooks to servers that do not meet these security standards.

Testing connectivity

You can verify your system’s ability to connect to Gr4vy using the following curl command to reach the sandbox environment:
If the connection is successful, you see a TLS handshake completion message in the verbose output.