Communications are secured by TLS protocol. Communications (HTTPS and AMQPS) are secured by the TLS v1.2 protocol. SSL, TLS v1 to v1.1 versions are not supported. Suites using the AES -256 or ChaCha20 block cipher algorithm are preferred. The AES-128 algorithm is an acceptable alternative. Suites using the SHA2 and later hash functions are the only ones supported. Communications (HTTPS and AMQPS) require mutual authentication of the correspondents based on X-509 certificates (see § Authentication):
The consumer must provide its full certificate during the connection phase. This certificate must not have been corrupted or revoked.
The consumer's certificate also allows identification and secure access to the only distribution channel linked to its subscription.
The server also transmits its full certificate during the connection phase.