firebase ssl encryption firebase-hosting

How to disable weak SSL ciphers on firebase hosting

My firebase.json file looks like

{
      "hosting": {
        "public": "dist",
        "ignore": [
          "firebase.json",
          "**/.*",
          "**/node_modules/**"
        ],
        "rewrites": [{
          "source": "**",
          "destination": "/index.html"
        }],
        "headers": [{
          "source": "**",
          "headers": [{
              "key": "Access-Control-Allow-Origin",
              "value": "*"
            },
            {
              "key": "X-Frame-Options",
              "value": "DENY"
            },
            {
              "key": "X-Content-Type-Options",
              "value": "nosniff"
            },
            {
              "key": "X-XSS-Protection",
              "value": "1; mode=block"
            }
          ]
        }]
      }
    }

want to know how can I disable weak SSL cipher

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA

Solution

You can't. Firebase Hosting completely manages TLS configuration. You can derive that based on the following statements in their documentation:

"Zero-configuration SSL is built into Firebase Hosting, so content is always delivered securely."
"All content is served over an SSL connection from the closest edge server on our global CDN."
"Firebase automatically provisions SSL certificates for all your domains so that all your content is served securely."

Firebase Hosting Documentation