Testing Legacy SSL Ciphers Deprecation

[First post – please bear with me.]

Box recently sent me a notice about deprecating some SSL protocols.

Legacy SSL Ciphers Deprecation

The suggestion is to use “api-test(.)box(.)com” instead of the normal “api(.)box(.)com” to test whether you need to make security changes to your app. The problem I’m facing is I use the BOX SDK v.2 (with C#) which has “api(.)box(.)com” hardcoded in the library so I can’t change it to use the testing URL.

[The (.) is to get around the new user 1 link only restrictions.]

Any suggestions? Please let me know if you need more info.


Hey there, welcome to the forum!

I’m not familiar with the C# SDK, so I can’t build you a sample, but you should be able to set a custom base url for the API.

From the SDK documentation:

var customUri = new Uri("https://custom-api-url.com");

var boxConfig = new BoxConfigBuilder("clientID", "clientSecret")

Let us know if this helps.


Thanks for the reply!

I had to massage my code a little to use the BoxConfigBuilder vs my static call BoxConfig.CreateFromJsonString(tokendata) but I got it to compile. It works with both the base and the testing API URL, so I guess I’m good to go (at least on my development computer). I’ll need to check the SSL/TLS configuration on the production server just to be sure.

Thanks for the help!


Awesome, feel free to continue to reach out to us!