TLS_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2 | 256-bit (NO Forward Secrecy) Not Recommended
Cipher Suite Details
TLS_RSA_WITH_AES_256_GCM_SHA3840x009D157What is TLS_RSA_WITH_AES_256_GCM_SHA384?
TLS_RSA_WITH_AES_256_GCM_SHA384 is the 256-bit variant of static RSA key exchange. Despite using AES-256 for encryption, the lack of perfect forward secrecy makes this cipher suite insecure by modern standards. If the server's RSA private key is compromised, all recorded sessions can be decrypted retroactively. This enables "harvest now, decrypt later" attacks, where adversaries record encrypted traffic and decrypt it when quantum computers become available. Static RSA cipher suites are deprecated and disabled in TLS 1.3. They should never be used except for legacy compatibility.
Role in JA3 Fingerprinting
The TLS_RSA_WITH_AES_256_GCM_SHA384 cipher suite is part of the TLS Client Hello that JA3 analyzes. Cipher suite order and selection are key indicators of browser type and version.
JA3 Format: TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS
Different browsers prioritize different cipher suites (Chrome prefers ChaCha20 on mobile, Firefox prioritizes AES-GCM, etc.), making cipher suite ordering a reliable fingerprint.
Test Your Cipher Suites
See which cipher suites your browser advertises, including TLS_RSA_WITH_AES_256_GCM_SHA384.