TLS 1.1 and 1.0 Disabled in Sandbox on April 30, 2017 - Updated

by Administrator Administrator ‎04-17-2017 01:38 PM - edited ‎04-27-2017 06:13 AM (8,874 Views)

4/27/2017 - Updated production date of Sept 18, 2017.

 

---------

 

As you may be aware, new PCI DSS requirements state that all payment systems must disable early TLS by 2018.

 

In preparation for this requirement, Authorize.Net plans to disable TLS 1.0 and TLS 1.1 on the following dates:

 

  • Sandbox -- April 30, 2017
  • Production – Sept 18, 2017

We are disabling the sandbox in advance of production to allow you to time to test your solution and ensure you are no longer using TLS 1.0 or 1.1.

 

Please check the code for your solutions and systems to confirm that they can default to TLS 1.2 for your API connections.

 

You can review our API Best Practices for details about TLS 1.2 platform support, cipher recommendations, and other integration suggestions:

https://community.developer.authorize.net/t5/The-Authorize-Net-Developer-Blog/Request-for-Comments-A...

 

Comments
by Tri
on ‎05-01-2017 07:08 AM

today is 5/1/2017, can you please confirm if Au.net disbaled TLS 1.0 and TSL 1.1 on sandbox?

by DavidH
on ‎05-01-2017 09:41 AM

I'm also wondering if the older TLS versions have been disabled yet. Because according to https://www.ssllabs.com/ssltest/analyze.html?d=test.authorize.net , as of Mon, 01 May 2017 15:53:53 UTC, TLS 1.0 and 1.1 are still enabled.

by Administrator Administrator
‎05-01-2017 01:58 PM - edited ‎05-01-2017 02:27 PM

Hello @DavidH @Tri

 

Yes, updates to remove TLS 1.0 and 1.1 in the sandbox are now complete

 

Richard