Removing Support for TLS 1.0 & 1.1
Modified on: Sat, 31 Jul, 2021 at 5:56 AM
We strive to comply with industry-standard best practices that ensure your data stays private and secure.
In keeping with this, as of 25th of August 2020, Transport Layer Security (TLS) Protocol 1.0 and 1.1 will no longer be supported by our platform. Both TLS 1.0 and 1.1 are out-of-date protocols that do not support modern cryptographic algorithms. They contain security vulnerabilities, and therefore can no longer be used for secure communications.
From 25th of August 2020 onward, we will only accept requests made by browsers or API clients that have TLS version 1.2 or higher.
What You Should Do Now
If your web browser is not compliant, you will not be able to connect to our platform. Please upgrade to a TLS v1.2 compliant version of your web browser. If you’re unsure of your web browser’s compatibility, run this tool to check.
The following list of browser versions, as well as any that predate them, DO NOT support TLS 1.2:
- Google Chrome 29
- Mozilla Firefox 26
- Internet Explorer 10
- Safari 8
- iOS 4
- Android 4
API Library Support
If you have code that connects with our platform’s API, it is important to ensure that it will continue to work after this change. While each language and library is different, we have identified those most commonly used as a point of reference. Here's the list of languages that will need significant changes/upgrades in order to continue operating uninterrupted:
- Java 6u45 / 7u45
- .NET before 4.5 (does not support TLS 1.2)
- .NET 4.5 (setting must be changed to explicitly enable TLS 1.2)
- OpenSSL 0.9.8
Most dynamic languages, such as Ruby, PHP, and Python, rely on the underlying operating system's OpenSSL version. Version 1.0.1 is the minimum requirement.
For more information on TLS protocol compatibility with various software platforms and operating systems, click here.