TLS 1.2 Information

All external connections to the API will be restricted to TLS 1.2 by April 2018.

This section can provide details of how to ensure your services that rely on the libraries are prepared for TLS 1.2.

Please note that the UAT environment has the TLS 1.2 restriction applied and we strongly recommend you test your services against the UAT environment

Tests should be run on your production environment or an environment that closely matches it.

C# Requirements

.NET 4.0 does not support TLS 1.2 but a .NET 4.0 application can run in .NET 4.5 runtime with a registry setting to enforce TLS 1.2.

If you are currently running your application on .NET 4.6 it should have TLS 1.2 as the Default, however please use the UAT environment to ensure there are no issues.

Version TLSv1.2 Supported Required Changes for TLSv1.2
.NET3.0 and earlier No

Minimum requirement: Upgrade to .NET4.0 and run in .NET4.5 runtime with a registry setting to enforce TLS1.2

Recommendation: Upgrade to .NET4.6
.NET4.0 - .NET4.4 Yes, actions required .NET 4.0 to .NET4.4 application can run in .NET 4.5 runtime with a registry setting to enforce TLS 1.2.
.NET4.5 Yes, actions required Ensure you have a a registry setting to enforce TLS 1.2.
.NET4.6 Yes TLS 1.2 is supported as a Default

To validate your .Net version follow these steps:

  1. Download: CSharp_TLStest.zip

    Contained in this .zip file is the source and executable for the test.

  2. Extract the contents of the .zip file and run the TLStest.exe on your environment

    On success you should see: Transport Layer Security version 1.2 Ready

Java Requirements

To have access to TLS 1.2 you will need Java 6 minimum but you will need to explicitly enable it

For TLS 1.2 to be the Default you will need Java 8 minimum

Version TLSv1.2 Supported Required Changes for TLSv1.2
Java 5 No Upgrade to Java 6 or Later.
Java 6 Yes You must explicitly enable TLSv1.2
Java 7 Yes You must explicitly enable TLSv1.2
Java 8 Yes No changes required.

To validate your Java version follow these steps:

  1. Download: Java_TLStest.zip

    Contained in this .zip file is the source and .jar file for the test.

  2. Extract the contents of the .zip file and run the TLStest.jar on your environment.

    To run use the console from the extracted folder and enter the following command Java -cp TLSTest.jar TLSTest

    On success you should see: Transport Layer Security version 1.2 Ready

Node.js Requirements

To ensure your application is ready for TLS1.2 you will need to have OpenSSL 1.0.1c or later installed.

How to check you OpenSSL version

To validate your Node.js environment follow these steps:

  1. Download: NodeJS_TLStest.zip

    Contained in this .zip file is the source for the test.

  2. Extract the contents of the .zip file.

  3. To run use the console from the extracted folder and enter node TLStest.js

    On success you should see: Transport Layer Security version 1.2 Ready

Perl Requirements

To ensure your application is ready for TLS1.2 you will need to have OpenSSL 1.0.1c or later installed.

How to check you OpenSSL version

To validate your Perl environment follow these steps:

  1. Download: Perl_TLStest.zip

    Contained in this .zip file is the source for the test.

  2. Extract the contents of the .zip file.

  3. To run use the console from the extracted folder and enter perl TLStest.pl

    On success you should see: Transport Layer Security version 1.2 Ready

PHP Requirements

To ensure your environment is ready for TLS1.2 you will need to have OpenSSL 1.0.1c or later installed.

To force the use of TLS1.2 curl 7.34.0 is required.

How to check you OpenSSL version

  1. Download: PHP_TLStest.zip

    Contained in this .zip file is the source for the test.

  2. Extract the contents of the .zip file.

  3. To run use the console from the extracted folder and enter php TLStest.php

    Ensure the console uses the same PHP and curl versions as your service.

    On success you should see: Transport Layer Security version 1.2 Ready

Python Requirements

To ensure your application is ready for TLS1.2 you will need to have Python 2.7 or later and OpenSSL 1.0.1c or later installed.

Python

How to check you OpenSSL version

  1. Download: Python_TLStest.zip

    Contained in this .zip file is the source for the test.

  2. Extract the contents of the .zip file.

  3. To run use the console from the extracted folder and enter python TLStest.py

    On success you should see: Transport Layer Security version 1.2 Ready

Ruby Requirements

To ensure your application is ready for TLS1.2 you will need to have Ruby 2.0.0 or later and OpenSSL 1.0.1c or later installed.

Ruby

How to check you OpenSSL version

  1. Download: Ruby_TLStest.zip

    Contained in this .zip file is the source for the test.

  2. Extract the contents of the .zip file.

  3. To run use the console from the extracted folder and enter ruby TLStest.rb

    On success you should see: Transport Layer Security version 1.2 Ready

How To Check OpenSSL

To find out what version of OpenSSL your environment is currently using, the following command can be entered into a console OpenSSL version

If your OpenSSL version is below 1.0.1c please update to the latest version possible OpenSSL