Removing weak ciphers via api

For Workes & Pages, what is the name of the domain?

republicauto.com.sg

What is the error message?

Unknown X-Auth-Key or X-Auth-Email

What is the issue or error you’re encountering

I try to issue a Curl command to manage weak cipher for TLS 1.2 from a linux OS and receive error code:9103,message:unknown X-Auth-Key or X-Auth-Email

What are the steps to reproduce the issue?

curl --request PATCH "
https://api.cloudflare.com/client/v4/zones/88231593d........4850e/settings/ciphers"
–header “X-Auth-Email: [email protected]” --header “X-Auth-Key: 35c86c…6a0b9f5a” --header “Content-Type: application/json” --data ‘{“value”:[“ECDHE-RSA-AES128-GCM-SHA256”,“ECDHE-RSA-AES256-GCM-SHA384”]}’

Screenshot of the error

It seems the error is valid. The “X-Auth-Key,” which is your global API key, appears to mismatch the global API key associated with your user that I see in the system. Please avoid sharing sensitive information in community posts.

1 Like

Hi ikmal,

We verified that the Global Api key and email is correct. Profile > MyProfile > Api tokens > Global api key.

We then try the create token method.

  • Permssion (not sure if we have selected the correct permission ? ) :
    • Account > Account Filter Lists > Edit,
    • Zone > SSL and certificates > Edit
    • Zone > DNS > Edit
  • We successfully verified the newly created token.

But when we try with the following command :
curl -X PATCH “https://api.cloudflare.com/client/v4/zones/88231593d5fd90142caf1d16c7a4850e/settings/ciphers
-H “Authorization: Bearer pC_uKo32QK”
-H “Content-Type:application/json”
–data ‘{“value”:[“ECDHE-RSA-AES128-GCM-SHA256”,“ECDHE-RSA-CHACHA20-POLY1305”,“ECDHE-RSA-AES256-GCM-SHA384”]}’

Response
{“success”:false,“errors”:[{“code”:9109,“message”:“Unauthorized to access requested resource”}],“messages”:,“result”:null}

I manage to resolved the issue using the API Token method. Need to grant permission : Zone_Settings > Edit

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.