TLS protocol
Object Storage supports secure client-server data exchange via the Transport Layer Security (TLS) protocol. To ensure robust protection of your data exchange, use TLS version 1.2 or higher.
Alert
Starting July 1, 2025, Object Storage will discontinue support for the TLS protocol versions 1.0 and 1.1.
We recommend updating the TLS protocol on the client side of the software to version 1.2 or higher.
To temporarily continue to use TLS versions 1.0 and 1.1 to work with Object Storage, try the following solutions:
- For website hosting: Bucket configured as static website hosting as a content source in Yandex Cloud CDN. The connection between the client and the CDN server will be over TLS versions 1.0 and 1.1, and between the CDN server and Object Storage, over TLS version 1.2 or higher.
- For other cases: Yandex Compute Cloud VM with a web server and L7 balancing, e.g., NGINX, as a reverse proxy server. The connection between the client and the proxy server will be over TLS versions 1.0 or 1.1, and between the proxy server and Object Storage, over TLS version 1.2 or higher.
Most Amazon S3-compatible Object Storage clients do not allow you to explicitly select the TLS version; instead, they use the version specified at the system level.
For more information on configuring clients to work with TLS version 1.2 and higher, see these AWS guides: