Uberflip Deprecating TLS 1.0 as of June 1, 2017

February 21, 2017 Uberflip Customer Success

What is TLS?

TLS, otherwise known as "Transport Layer Security" is a protocol that provides privacy and data integrity between two communicating applications.

TLS is the most widely deployed security used today, and is intended for web browsers and other applications that require data to be securely exchanged over a network.

The main function of TLS is to ensure that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification. The versions of TLS, to date are TLS 1.0, 1.1 and 1.

What's Changing?

On June 1, 2017, Uberflip will be disabling the TLS 1.0 encryption protocol across all Uberflip services, and only supporting TLS 1.1 and TLS 1.2.  Uberflip has already enabled TLS 1.1 and TLS 1.2.

TLS ensures that a connection to a remote endpoint is to the intended destination through encryption and endpoint identity verification. Uberflip web and API connections use TLS as a key component of their security.

After Uberflip disables TLS 1.0, any secure connections to your Uberflip account will need to use the TLS 1.1 or TLS 1.2 encryption protocol. This change will impact secure access to Uberflip services, including

This change will not impact access to Uberflip-hosted non-secure flipbooks and hubs (“non-SSL” flipbooks and hubs).

Why the Change?

TLS 1.0 has several limitations and vulnerabilities that have been addressed in TLS 1.1 and TLS 1.2.  Industry best practice is to disable TLS 1.0 and only support TLS 1.1 and TLS 1.2 on secure websites, web applications, and APIs.

When is the Change Happening?

June 1, 2017 for all Uberflip services.

What do I need to do to be prepared for this change?

Web browsers

You, your organization’s users, and visitors to your secure flipbooks and hubs (“SSL-enabled” flipbooks and hubs) will experience issues accessing Uberflip using web browsers which do not support TLS 1.1 or TLS 1.2, or which have been configured to disable these protocols.

The following tables summarize most major web browser versions’ compatibility with TLS 1.1 and TLS 1.2.  You are encouraged to confirm your browser’s compatibility with its documentation and test compatibility with TLS 1.1 or TLS 1.2 before TLS 1.0 is deprecated.

Google Chrome

Chrome 38 & Newer: Compatible by default 

Chrome 22-37: Compatible on certain operating system versions by default 

Chrome 21 & Older: Not compatible 

Google Android Browser

Android 5.0 ("Lollipop") & Newer: Compatible by default 

Android 4.4 ("KitKat"): Compatible on certain devices by default

Android 4.3 ("Jelly Bean") & Older: Not compatible 

Mozilla Firefox

Firefox 27 & Newer: Compatible by default 

Firefox 23-26: Compatible if configured properly 

Firefox 22 & Older: Not compatible 

Microsoft Edge

Edge: Compatible by default

Apple Safari

Safari 7 & Newer (Desktop): Compatible by default 

Safari 5 & Newer (Mobile): Compatible by default 

Safari 7 & Older (Desktop): Not compatible 

Safari 4 & Older (Mobile): Not compatible

Microsoft Internet Explorer

Internet Explorer 11 (Desktop & Mobile): Compatible by default (though may need to be configured to explicitly disable TLS 1.0)

Internet Explorer 10, 9, and 8 (Desktop): Compatible on Windows 7 or newer if configured properly. Not compatible on Windows Vista, Windows XP, or older. 

Internet Explorer 7 & Older (Desktop): Not compatible 

Internet Explorer 10 & Older (Mobile): Not compatible 

Salesforce has a page that will test whether or not your web browser supports TLS 1.1 and TLS 1.2: https://tls1test.salesforce.com/

If you can view the test page without errors, your web browser will not be affected by this change.  Otherwise, you will need to upgrade or reconfigure your web browser in order to continue accessing Uberflip when this change is made.

API Consumers

Integrations, connectors, and other “apps” will experience issues consuming Uberflip APIs using languages, frameworks, or client libraries which do not support TLS 1.1 or TLS 1.2, or which have been configured to disable these protocols.

The following tables summarize most major platforms’ compatibility with TLS 1.1 and TLS 1.2.  You are encouraged to confirm your platform’s compatibility with its documentation and test compatibility with TLS 1.1 or TLS 1.2 before TLS 1.0 is deprecated.

Oracle Java

Java 8 (1.8) & Newer: Compatible by default 

Java 7 (1.7): Compatible if configured properly 

Java 6 (1.6) & Older: Not compatible 

IBM Java

Java 8: Compatible by default 

Java 7: Compatible if configured properly 

Microsoft .NET

.NET 4.6 & Newer: Compatible by default 

.NET 4.5-4.5.2: Compatible if configured properly 

.NET 4.0: Compatible if configured properly with .NET 4.5 installed in parallel 

.NET 3.5 & Older: Not compatible

Python

Python 2.7.9 & Newer: Compatible by default 

Python 2.7.8 & Older: Not compatible 

Ruby

Ruby 2.0.0 & Newer: Compatible if used with OpenSSL 1.0.1 or higher and properly configured 

Ruby 1.9.3 & Older: Not compatible 

OpenSSL

OpenSSL 1.0.1 & Newer: Compatible by default 

OpenSSL 1.0.0 & Older: Not compatible 

 


 

Please contact our Support Team if you have any questions.

No Previous Articles

Next Article
Want to Know What Our Dev Team Is Working On?
Want to Know What Our Dev Team Is Working On?

Then that's one reason you should sign up for these updates!