Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Temporary Disablement of TLS 1.0/1.1


John W

Recommended Posts

I received the email  below, so I imagine everyone using A.net received this too.  If you are unsure whether you can use TLS 1.2, you can go to

https://www.ssllabs.com/ssltest/

and test your server to check what level your server/site supports.

 

 

As you may be aware, new PCI DSS requirements state that all payment systems must disable earlier versions of TLS protocols. These older protocols, TLS 1.0 and TLS 1.1, are highly vulnerable to security breaches and will be disabled by Authorize.Net on February 28, 2018.

 

To help you identify if you’re using one of the older TLS protocols, Authorize.Net will temporarily disable those connections for a few hours on January 30, 2018 and then again on February 8, 2018. 

 

Please refer to our TLS FAQs for important details.

 

Based on the API connection you are using, on either one of these two days you will not be able to process transactions for a short period of time. If you don’t know which API you’re using, your solution provider or development partner might be a good resource to help identify it. This disablement will occur on one of the following dates and time:

 

·     Akamai-enabled API connections will occur on January 30, 2018 between 9:00 AM and 1:00 PM Pacific time.

·     All other API connections will occur on February 8, 2018 between 11:00 AM and 1:00 PM Pacific time.

Merchants using TLS 1.2 by these dates will not be affected by the temporary disablement. We strongly recommend that connections still using TLS 1.0 or TLS 1.1 be updated as soon as possible to the stronger TLS 1.2 protocol. If your current Virtual Point of Sale (VPOS) is an Authorize.Net product, please call Authorize.Net Customer Support at 1.877.447.3938 for assistance in updating to TLS 1.2.

 

Note: If you are not using a current version of a web browser, please take a few moments to upgrade it now. Browsers released prior to 2014 may not support TLS 1.2. You can check your browser's TLS support by visiting https://www.howsmyssl.com/

 

If you have any questions about this email or the upcoming TLS disablement, please refer to our TLS FAQs. Thank you for your attention to this matter and for being an Authorize.Net merchant.

I'm not really a dog.

Link to comment
Share on other sites

I would suggest to everyone that they contact their host and ask that TLS 1.0 and 1.1, and the SSL protocols if they are still active, to be disabled. Some hosts, especially if the servers are old, may not do that automatically. At this point, there are only a few months left until they are supposed to do it so there's really no point in waiting. In some cases, the host won't be able to make that change without updating the server so waiting could cause a site-down situation. 

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...