TLS protocol
Object Storage supports secure client-server data exchange via the Transport Layer Security (TLS) protocol. To ensure robust protection of your data exchange, use TLS version 1.2 or higher.
Alert
Starting August 1, 2025, Object Storage no longer supports the TLS protocol versions 1.0 and 1.1.
To use TLS versions 1.0 and 1.1 to work with Object Storage, try the following solutions:
-
For website hosting: Bucket configured as static website hosting as a source of content in Yandex Cloud CDN. The connection between the client and the CDN server will be over TLS versions 1.0 and 1.1, and between the CDN server and Object Storage, over TLS version 1.2 or higher.
For an example of static website hosting in an Object Storage bucket with Cloud CDN access, see this tutorial.
-
For other cases: Yandex Compute Cloud VM with a web server and L7 balancing, e.g., NGINX, as a reverse proxy server. The connection between the client and the proxy server will be over TLS versions 1.0 or 1.1, and between the proxy server and Object Storage, over TLS version 1.2 or higher.
Most Amazon S3-compatible Object Storage clients do not allow you to explicitly select the TLS version; instead, they use the version specified at the system level.
For more information on configuring clients to work with TLS version 1.2 and higher, see these AWS guides: