Introduction

  • In order to maintain high Data Security Standards, TLS 1.0, TLS 1.1 will be deprecated as of October 31, 2022 for Data Anywhere customers. This means you may have to make a few adjustments in your integration. Users of data anywhere need to ensure they are using TLS 1.2 in order to communicate with Data Anywhere services.

  • TLS provides communications security for the most sensitive personal and financial information, maintaining the latest TLS encryption protocols to keep the cryptographic apparatus at full strength is a fundamental security standard.

Checking TLS protocol version

  • To test if your environment is prepared to TLS 1.2 protocol, send a request from your server to https: //www.howsmyssl.com/a/check and check which is TLS protocol version (by tls_version in response), if is TLS 1.2, your environment is ready to send connections with TLS 1.2 protocol and no action is required.

PHP Example
<?php $curl=curl_init('https://www.howsmyssl.com/a/check'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $response=curl_exec($curl); curl_close($curl); $json=json_decode($response); echo$json-> tls_version;

Sending with TLS 1.2 protocol

Java

  • Java 5 or earlier: Does not support TLS 1.2. Please update it.

  • Java 6-7: Set to use TLS1.2 by SSLContext.

  • Java 8 or later: TLS 1.2 is default.

Set TLS1.2 by SSLContext
SSLContext sc = SSLContext.getInstance("TLSv1.2"); 
sc.init(null, null, new java.security.SecureRandom()); 
HttpsURLConnection con = (HttpsURLConnection) httpsURL.openConnection(); 
con.setSSLSocketFactory(sc.getSocketFactory());

In Java 6 it's required at least oracle’s update 6u115 or IBM Service Refresh 10

.NET

  • .NET Framework 4.0 or earlier: Does not support TLS 1.2. Please update it.

  • .NET Framework 4.5: Set to use TLS1.2 by SecurityProtocol.

  • .NET Framework 4.6 or later: TLS 1.2 is default.

Set security protocol before the connection
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

PHP, Ruby, Node and Python

  • It’s necessary to update openssl to 1.0.1c or later in your operating system.

Force TLS 1.2 protocol in PHP (requires CURL 7.34.0 or later)
<?php curl_setopt ($curl, CURLOPT_SSLVERSION, 6);

It’s necessary ruby 2.0 or later