1. Is this relevant to me?
This is relevant to clients using Custom API integrations that use TLS 1.0 and 1.1 to connect with the Verified system, app.verified.eu.
Users or templates will not be affected by the TLS 1.2 upgrade.
2. What is it?
*June 20, 2023: AWS has extended the timeline until the calendar date when TLS version < 1.2 will be deprecated. To avoid disruption with your system-to-system integrations with the Verified API, you must update all of your TLS 1.0/ 1.1 software clients no later than 06/28/23.
AWS, our main Cloud provider for the Verified v2.5 (app.verified.eu) have been informed us and their customer base that they have a planned change to retire the usage of TLS 1.0 and 1.1 on June 20, 2023 (new date: June 28, 2023). This update means you will need to use TLS versions 1.2 or higher for your connections toward Verified, so we kindly advise you to share this notice with your integration or engineering teams as soon as possible.
The AWS team made a presentation talking about the TLS changes that can be found here. An official article made by AWS about the changes is here.
3. Further Information
If you have a custom integration to Verified API system to system, you need to make sure that the TLS protocol version that you are using to call the Verified API is a minimum TLS 1.2 or later.
.NET
If your application is using .NET Framework 3.5 or 4.5 you should update to version 3.3.22.0 or later of AWSSDK.Core. This ensures you are using the latest HTTPS protocols and can communicate with newer AWS services. More information here.
Java
If your application runs on Java 1.7 or Java 1.6 (update 111 or later), you can set the https.protocols system property when starting the JVM to enable additional protocols for connections made using the HttpsURLConnection class – for example, by setting
Dhttps.protocols=TLSv1.2
If your application runs on Java 1.6 prior to update 111, or earlier, TLS 1.1 and 1.2 are not supported. Therefore, you need to update the version of Java your application runs on. More information here.
4. FAQ?
Why is this TLS change important?
New encryption protocol versions enhance the HTTPS performance and security for all users and provide many improvements in comparison with TLS 1.1 and older. The most prominent one is reduced latency by making the TLS handshake shorter and more efficient before any secure session is established.
When this third-party change will go into effect?
This will apply to everyone starting June 20th, 2023.
Comments
0 comments
Please sign in to leave a comment.