Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities - Lets Get Started!
May 14th | Power Platform Community AMA: Power Apps Edition
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Pages - General Discussions / Why is a TripleDes Cer...
Power Pages - General Discussions
Unanswered

Why is a TripleDes Certificate needed for Custom Domains

Like (1) ShareShare
ReportReport
Posted on 2 Sep 2024 12:15:29 by dboeckle 3

We are seeking clarification on the necessity of using TripleDES (3DES) encrypted certificates within certain Microsoft environments or applications instead of the more secure RSA-encrypted certificates.

Background:

Given the current advancements in cryptographic security, RSA encryption is widely recognized as a more secure and robust method for data protection, particularly due to its use of asymmetric key algorithms and its resistance to many types of attacks. On the other hand, TripleDES, being an older encryption standard, has known vulnerabilities and is generally considered less secure than modern encryption algorithms.

Concern:

We would like to understand why there is a requirement or recommendation to use TripleDES encrypted certificates in specific scenarios, as opposed to adopting the more secure RSA encryption. The use of RSA encryption could potentially enhance security and protect against vulnerabilities associated with older encryption methods like TripleDES. Additionally, many organizations are moving away from legacy encryption standards to align with industry best practices and compliance requirements.

Request:

Could you please provide a detailed explanation of the following points:

  1. Rationale for TripleDES: Why is TripleDES encryption still required or recommended in certain environments over RSA encryption?
  2. Compatibility Issues: Are there any compatibility reasons or legacy support considerations that necessitate the use of TripleDES?
  3. Security Implications: What are the security implications of continuing to use TripleDES encryption versus transitioning to RSA encryption?
  4. Future Roadmap: Is there a planned roadmap for phasing out TripleDES in favor of more secure encryption methods like RSA or AES?

Understanding these points will help us better align our security practices with Microsoft’s recommendations and ensure we are meeting both our security requirements and compliance standards.

Categories:
General

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities - Lets Get Started!
May 14th | Power Platform Community AMA: Power Apps Edition

Quick Links

🌸 Community Spring Festival 2025 Challenge Winners! 🌸

Congratulations to all our community participants!

Warren Belz – Community Spotlight

We are honored to recognize Warren Belz as our May 2025 Community…

Congratulations to the April Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard > Power Pages - General Discussions

#1
WarrenBelz Profile Picture

WarrenBelz 9 Most Valuable Professional

#2
Rondel Profile Picture

Rondel 6

#3
oliver.rodrigues Profile Picture

oliver.rodrigues 4 Most Valuable Professional

Overall leaderboard

Featured topics

Solution to LinkedIn Authentication in Power Apps Portals

Product updates

Microsoft Power Platform Community release plans