A BYOC Premises Edge provides the following encryption features:

  • RSA certificates with key sizes that meet or exceed NIST and NSA Suite B guidelines

  • Private Root Certificate Authorities that are never accessible online

  • Ciphers that provide perfect forward secrecy through elliptical curve Diffie-Hellman ephemeral (ECDHE) key agreement

  • Multiple independent certificate chains in the PKI to isolate functionality
    For example, the chain that signs the Pairing certificates is not the chain that signs the Edge Proxy certificates. The following diagram illustrates these certificate chains:

Independent certificate chains in the Genesys Cloud PKI