Here is the current configuration of our servers.
Supported TLS Versions : TLS 1.2, TLS 1.1, TLS 1.0
Ciphers supported (preference order)
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
AES256-SHA256
AES128-SHA256
AES256-SHA
AES128-SHA
DES- CBC3-SHA
ECDHE-ECDSA-AES128-SHA
ECDHE-ECDSA-AES256-SHA
ECDHE-RSA-AES128-SHA
ECDHE-RSA-AES256-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-RSA-RC4-SHA
DHE-RSA -AES128-SHA
DHE-RSA-AES256-SHA
RC4-SHA
RC4-MD5
ECDHE-ECDSA-DES-CBC3-SHA
ECDHE-ECDSA-RC4-SHA
TLS SNI enabled
Verification of the SSL certificate of the origin: this option is currently only configurable via the API. Failure to verify the certificate has serious security implications, including a vulnerability to man-in-the-middle attacks.