I wrote a module for a PBX which synchronizes the customers' contacts from Pipedrive with the PBX, so they can be used for resolving calls.
Our PBX is running on a Tomcat/Catalina platform with Java.
With the latest beta release they pulled the Java version up to 1.8.0_265.
With Java 8, Oracle added some weak encryption methods to the constraint list.
By default, anything related to encryption needs to use at least a key size of 1024.
The certificate of api.pipedrive.com now causes an error, because it uses an EC curve, P256.
java.security.cert.CertPathValidatorException: Algorithm constraints check failed on key EC with size of 256bits
I can manually allow weaker encryption algorithms if I have SSH root access to the PBX. But in the case of the cloud-based version of the PBX this is simply not possible.
This basically means some of our customers might be unable to use the module any further, and the module is expected to break every time the PBX gets updated…
This means we'll have to stop the support for Pipedrive altogether…
Is there any plan to increase the security of the certificate used on api.pipedrive.com anytime soon?
Sincerely Fabian Zünd
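
One way to see which constraint entry produces the error quoted above, as an added example that is not part of the original post: it reads the JVM's `jdk.certpath.disabledAlgorithms` and `jdk.tls.disabledAlgorithms` security properties and lists the entries whose `keySize` rule rejects a 256-bit EC key. The class name, method names and the constructed sample value are assumptions made for illustration.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class EcConstraintCheck {
    // "keySize <op> <bits>", the key-size constraint syntax documented in java.security
    private static final Pattern KEY_SIZE =
            Pattern.compile("keySize\\s*(<=|>=|==|!=|<|>)\\s*(\\d+)");

    // True when "size <op> limit" holds, i.e. the key falls in the disabled range.
    static boolean inDisabledRange(int size, String op, int limit) {
        switch (op) {
            case "<":  return size < limit;
            case "<=": return size <= limit;
            case ">":  return size > limit;
            case ">=": return size >= limit;
            case "==": return size == limit;
            default:   return size != limit; // "!="
        }
    }

    // Entries of a disabledAlgorithms value that reject this algorithm at this key size.
    // Only the first keySize rule of an entry is evaluated; jdkCA, denyAfter and usage are not.
    static List<String> rejecting(String value, String algorithm, int bits) {
        List<String> hits = new ArrayList<>();
        if (value == null) return hits;
        for (String raw : value.split(",")) {
            String entry = raw.trim();
            if (!entry.split("\\s+")[0].equalsIgnoreCase(algorithm)) continue;
            Matcher m = KEY_SIZE.matcher(entry);
            if (entry.equalsIgnoreCase(algorithm)) hits.add(entry); // bare name: fully disabled
            else if (m.find() && inDisabledRange(bits, m.group(1), Integer.parseInt(m.group(2))))
                hits.add(entry);
        }
        return hits;
    }

    public static void main(String[] args) {
        for (String p : new String[] {"jdk.certpath.disabledAlgorithms", "jdk.tls.disabledAlgorithms"}) {
            String value = Security.getProperty(p);
            System.out.println(p + " = " + value);
            System.out.println("  rejects EC/256: " + rejecting(value, "EC", 256));
        }
        // Constructed value for illustration, not copied from any real installation.
        String constructed = "MD2, RSA keySize < 1024, EC keySize < 384";
        System.out.println("constructed rejects EC/256: " + rejecting(constructed, "EC", 256));
    }
}
```

Run it with the same JRE as the application, since the properties come from that runtime's `java.security` file.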