1. [JA3 Fingerprint](https://scrapfly.io/web-scraping-tools/ja3-fingerprint)
2. [ Cipher Suites ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/cipher-suites "Browse all TLS Cipher Suites")
3. TLS\_RSA\_WITH\_AES\_128\_GCM\_SHA256
 
   [  Browse All Cipher Suites ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/cipher-suites) 

 # TLS\_RSA\_WITH\_AES\_128\_GCM\_SHA256

 TLS 1.2 | 128-bit (NO Forward Secrecy) Not Recommended

 

### Cipher Suite Details



Cipher Suite Name

`TLS_RSA_WITH_AES_128_GCM_SHA256`

 

Hex Value

`0x009C`

 

Decimal Code

`156`

 

TLS Version

TLS 1.2

 

Security Level

128-bit (NO Forward Secrecy)

 

Recommended

  No 

 

 

 

### What is TLS\_RSA\_WITH\_AES\_128\_GCM\_SHA256?



TLS\_RSA\_WITH\_AES\_128\_GCM\_SHA256 uses static RSA key exchange, where the client encrypts the pre-master secret with the server's RSA public key. This method does NOT provide perfect forward secrecy - if the server's private key is compromised, all past sessions can be decrypted. Static RSA is deprecated and disabled in modern browsers. It remains supported for legacy compatibility with ancient systems. AES-128-GCM provides authenticated encryption, but the lack of forward secrecy makes this cipher suite unsuitable for modern security requirements. PCI-DSS and other compliance frameworks prohibit static RSA.



 

### Role in JA3 Fingerprinting



The **TLS\_RSA\_WITH\_AES\_128\_GCM\_SHA256** cipher suite is part of the TLS Client Hello that JA3 analyzes. Cipher suite order and selection are key indicators of browser type and version.

**JA3 Format:** `TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS`

Different browsers prioritize different cipher suites (Chrome prefers ChaCha20 on mobile, Firefox prioritizes AES-GCM, etc.), making cipher suite ordering a reliable fingerprint.

 

 

 

### Test Your Cipher Suites



 [  View Your JA3 Fingerprint ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) 

See which cipher suites your browser advertises, including TLS\_RSA\_WITH\_AES\_128\_GCM\_SHA256.

 

### Technical References



- [RFC 5288 - Cipher Suite Specification ](https://datatracker.ietf.org/doc/html/rfc5288)
- [ciphersuite.info - TLS\_RSA\_WITH\_AES\_128\_GCM\_SHA256 ](https://ciphersuite.info/cs/TLS_RSA_WITH_AES_128_GCM_SHA256/)
- [IANA TLS Cipher Suites Registry ](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4)