26.03.12 - Apigee Edge for Public Cloud Edge UI and SSO release notes

You're viewing Apigee Edge documentation.
Go to the Apigee X documentation. info

On March 12, 2026, we began releasing security enhancements for the Apigee Edge UI and SSO services to disable support for legacy TLS cipher suites.

Help & notifications

Private Cloud customers: Is this cloud release included in your Private Cloud version? See your version's release notes to see which cloud releases it contains. Also, see About release numbering to understand how you can figure it out by comparing release numbers.

Questions or issues? Get help here.

Release notifications: Go to http://status.apigee.com and click Subscribe to Updates.

Release notes home page

Security enhancement

The following security enhancement is included in this release. This list is primarily for users checking to see if their support tickets have been fixed. It's not designed to provide detailed information for all users.

Issue ID	Component Name	Description
324408910	Edge UI and SSO	Enhanced security by disabling legacy TLS cipher suites and requiring modern TLS 1.2 configurations for apigee.com and login.apigee.com.

To align with modern security best practices, we disabled several older, less secure TLS cipher suites. After this change, only the following modern and secure TLS 1.2 cipher suites are supported:

• ECDHE-ECDSA-AES128-GCM-SHA256
• ECDHE-RSA-AES128-GCM-SHA256
• ECDHE-ECDSA-AES128-SHA256
• ECDHE-ECDSA-AES256-GCM-SHA384
• ECDHE-RSA-AES256-GCM-SHA384
• ECDHE-ECDSA-AES256-SHA384

The following weak cipher suites are being disabled:

• ECDHE-RSA-AES128-SHA256
• ECDHE-RSA-AES256-SHA384
• AES128-GCM-SHA256
• AES128-SHA256
• AES256-GCM-SHA384
• AES256-SHA256

While most customers using up-to-date browsers and API clients will not be affected, those with very old or misconfigured clients that do not support the modern ciphers listed above may experience connection failures to apigee.com and login.apigee.com.