support@experttexting.com
845-580-6454

TLS v1.2 Upgrade – What you Need to Know.

ExpertTexting uses HTTPS to securely exchange sensitive data such as credit cards/Paypal payments  processing and allowing API Access for integration purposes. To encrypt these communications, we use the Transport Layer Security (TLS) protocol.

TLS 1.2 is one of the most secure versions of SSL/TLS protocol that is designed to prevent eavesdropping, tampering, or message forgery. ExpertTexting now requires TLS 1.2 in order to ensure the continuous security adhere to industry best practices.

What’s Required:

All API Customers must update their software, browser and hardware to support security protocol TLS v1.2.

Why do we need to make this change?

The PCI Security Council sets the rules on which technologies are acceptable for use in transmitting cardholder data. They have explicitly identified TLS 1.0 & TLS 1.1 as no longer being a strong form of encryption because they are vulnerable to many known attacks.

This is not an action ExpertTexting is taking alone. EVERY website that transmits or processes credit card data will be making this change. If you are using an insecure or unsupported browser or API client, you will find that all secure websites will stop working very soon.

From March 01  2018, the ExpertTexting API and it’s web portal will require TLS v1.2 in order to ensure the continuous security adherence to industry’s best practices.

Browser Support

Most browsers have supported TLS 1.2 for several years.

The following browsers DO NOT support TLS 1.2 and will no longer work.

  • Google Chrome 29
  • Firefox 26
  • Internet Explorer 10
  • Safari 8
  • iOS 4
  • Android 4

How do I upgrade my integration from TLS 1.0 to TLS 1.2

 

JAVA support

Version = JDK/JRE 7 Client                    (Yes, but support for TLS v1.2 must be enabled manually)
Version = JDK/JRE 7 Server & above   (Yes, TLS v1.2 is enabled by default)
Version = JDK/JRE 6 or below               (Not supported)

Open SSL support

Your Open SSL version must be 1.0.1 or higher.

.NET

  • .NET 4.6: TLS 1.2 is used automatically. No changes are necessary.
  • .NET 4.5: The SecurityProtocolType needs to be changed to Tls12 (using the SecurityProtocol Setter), add the following line above the first request.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
  • .NET 4.0: TLS 1.2 is supported, but there’s no named SecurityProtocolType enumeration. Use (SecurityProtocolType)3072.
  • .NET 3 and below: Must be upgraded to 4.5

PHP

TLS 1.1 and TLS 1.2 are supported since OpenSSL 1.0.1

Forcing TLS 1.1 and 1.2 are only supported since curl 7.3.4

Reference URL for CURL Options: https://curl.haxx.se/libcurl/c/CURLOPT_SSLVERSION.html

If you are using older versions of PHP or OPENSSL use following command to update packages.

yum update nss curl openssl

After the updates you should see that cURL is working with TLS greater than 1.0. Simple test code:

<?php

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, “https://www.howsmyssl.com/a/check”);
curl_setopt($ch, CURLOPT_SSLVERSION, 6); // TLS 1.2
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);$tlsVer = json_decode($response, true);
echo “<h1>Your TSL version is: <u>” . ( $tlsVer[‘tls_version’] ? $tlsVer[‘tls_version’] : ‘no TLS support’ ) . “</u></h1>”;

In case the workaround doesn’t work, please try to update your Operating System to the newer version.

Ruby

Ruby uses the system openssl. OpenSSL v0.9.8 will no longer work, but later versions work without any changes required.

In-case you still need any support with the upgrade, Get in touch with our support team at sms.support@experttexting.com

 

Comments are closed.