Thanks guys from Google Cloud Support. I have to ask though - we have 15+ custom domains across multiple different apps, all of which have to be PCI-DSS compliant.
Are you saying the platform won't be compliant by default? (by having the weak cipher enabled and suggesting it has to be disabled manually per domain, plus by the end of June, TLSv1.2+ only will be a requirement). We chose App Engine for the out of the box PCI-DSS compliance, but this thread seems to be suggesting otherwise.. ?? We do have Gold support so I will open this privately closer to the deadline, but for the benefit of others who may have the same issue, it would be great if we could get an answer here. On Tuesday, April 3, 2018 at 10:15:05 PM UTC+1, Fady (Google Cloud Platform) wrote: > > As to update this community thread, working with Nikolaus, and the > Engineering team we were able to disable the cipher (3DES) for his custom > domain. > > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To post to this group, send email to google-appengine@googlegroups.com. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/0b92da39-a909-4f71-b7a0-3c1373d40c1d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.