Skip to main content
Liaison International

TLS 1.0 Disablement Notice

Background

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL) (both of which are frequently referred to as SSL) are cryptographic protocols designed to provide communications security over a computer network. These protocols are used to prevent malicious access to secure information (i.e., credit card information, customer data, etc.) on your website.

The protection of our customers’ data is of the utmost importance to Liaison. Therefore, in order to meet the current Payment Card Industry Data Security Standards (PCI DSS) for safeguarding payment data – and to promote the safety of your data and align with industry-wide best practices – Liaison disabled TLS 1.0 on June 30, 2018.

Notes:
  • TLS 1.0 is already disabled for Liaison Prelaunch and Sandbox environments. 
  • Click here to learn more about TLS, or click here to learn more about why it's important to disable this version of TLS.

Required Action

After disabling TLS 1.0, inbound and outbound connections to all Liaison portals will need to use TLS 1.1 or TLS 1.2 (preferred) encryption protocols. Note that different channels require encryption to access Liaison’s portals:

  • Internet Browser
    • You should not experience issues accessing Liaison’s portals and services in your browser(s) unless you are using a non-supported browser or have disabled the supported encryption protocols in the browser.
  • API (Inbound) Integrations
    • API Integrations are interfaces or applications that are separate from Liaison’s portals but use Liaison data. If you have any API Integrations, ensure that the TLS 1.1 and/or TLS 1.2 encryption protocols are enabled in those integrations.

Enabling TLS 1.1 and 1.2 in Internet Explorer

If you wish to continue using Internet Explorer 8, 9, and 10 to access secure pages that will work with TLS 1.1 or TLS 1.2, you’ll need to update your browser settings.

  1. From the Internet Explorer Menu Bar, select Tools > Internet options.
  2. From the Internet options window, select the Advanced tab.
  3. Under the Security settings category:
    • Deselect the checkbox for following: Use SSL 3.0 
    • Select the checkbox for Use TLS 1.0
    • Select the checkbox for Use TLS 1.1
    • Select the checkbox for Use TLS 1.2 (if available)
  4. Click OK.
  5. Exit and restart Internet Explorer.

Note: You can enable different encryption protocols in other browsers; a simple Google search can help you find the appropriate steps.

Browser Compatibility List

Browser, OS Version

Compatibility Status

Desktop and mobile IE version 11

Compatible by default.

Desktop IE versions 8, 9, and 10

Compatible when run in Windows 7 or newer, but not by default. Review the Enabling TLS 1.1 and TLS 1.2 in Internet Explorer article to enable TLS 1.1 or higher encryption.

Windows Vista and older operating systems, such as Windows XP

Not compatible with TLS 1.1 or higher encryption.

Desktop IE versions 7 and below

Not compatible with TLS 1.1 or higher encryption.

Mobile IE versions 10 and below

Not compatible with TLS 1.1 or higher encryption.

Microsoft Edge

Compatible by default.

Mozilla Firefox

Compatible with the most recent, stable version, regardless of operating system.

Firefox 27 and higher

Compatible by default.

Firefox 23 to 26

Compatible, but not by default.

Firefox 22 and below

Not compatible with TLS 1.1 or higher encryption.

Google Chrome

Compatible with the most recent, stable version, regardless of operating system.

Google Chrome 38 and higher

Compatible by default.

Google Chrome 22 to 37

Compatible when run in Windows XP SP3, Vista, or newer (desktop), OS X 10.6 (Snow Leopard) or newer (desktop), or Android 2.3 (Gingerbread) or newer (mobile).

Google Chrome 21 and below

Not compatible with TLS 1.1 or higher encryption.

Android 5.0 (Lollipop) and higher

Compatible by default.

Android 4.4 (KitKat) to 4.4.4

Compatible, but not by default.

Android 4.3 (Jelly Bean) and below

Not compatible with TLS 1.1 or higher encryption.

Desktop Safari versions 7 and higher for OS X 10.9 (Mavericks) and higher

Compatible by default.

Desktop Safari versions 6 and below for OS X 10.8 (Mountain Lion) and below

Not compatible with TLS 1.1 or higher encryption.

Mobile Safari versions 5 and higher for iOS 5 and higher

Compatible by default.

Mobile Safari for iOS 4 and below

Not compatible with TLS 1.1 or higher encryption.

Library List

Platform or Library      

TLS 1.1 or Higher Compatibility Notes

Java

Compatible with the most recent, stable version, regardless of operating system.

Java 8 (1.8) and higher

Compatible by default.

Java 7 (1.7)

Enable TLS 1.1 and TLS 1.2 using the https.protocols Java system property for HttpsURLConnection. To enable TLS 1.1 and TLS 1.2 on non-HttpsURLConnection connections, set the enabled protocols on the created SSLSocket and SSLEngine instances within the application source code

Java 6 (1.6) and below

Not compatible with TLS 1.1 or higher encryption.

.NET

Compatible with the most recent, stable version when run in an operating system that supports TLS 1.1 or TLS 1.2.

.NET 4.6 and higher

Compatible by default.

.NET 4.5 to 4.5.2

.NET 4.5, 4.5.1, and 4.5.2 do not enable TLS 1.1 and TLS 1.2 by default. Two options exist to enable these, as described below.

.NET applications may directly enable TLS 1.1 and TLS 1.2 in their software code by setting System.Net.ServicePointManager.SecurityProtocol to enable SecurityProtocolType.Tls12 and SecurityProtocolType.Tls11.

.NET 4.0

 

.NET 4.0 does not enable TLS 1.2 by default. To enable TLS 1.2 by default, it is possible to set the SchUseStrongCrypto DWORD value in the following two registry keys to 1, creating them if they don't exist: "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" and "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319". Those registry keys, however, will enable TLS 1.2 by default in all installed .NET 4.0, 4.5, 4.5.1, and 4.5.2 applications on that system.

.NET 3.5 and below

Not compatible with TLS 1.1 or higher encryption.

Python

Compatible with the most recent, stable version when run in an operating system that supports TLS 1.1 or TLS 1.2.

Python 2.7.9 and higher

Compatible by default.

Python 2.7.8 and below

Not compatible with TLS 1.1 or higher encryption.

Ruby

Compatible with the most recent, stable version when linked to OpenSSL 1.0.1 or higher.

Ruby 2.0.0

TLS 1.2 is enabled by default when used with OpenSSL 1.0.1 or higher. Using the :TLSv1_2 (preferred) or :TLSv1_1 symbols with an SSLContext's ssl_version helps ensure that TLS 1.0 or earlier is disabled.

Ruby 1.9.3 and below

The :TLSv1_2 symbol does not exist in 1.9.3 and below, but it is possible to patch Ruby to add that symbol and compile Ruby with OpenSSL 1.0.1 or higher.

Microsoft WinINet

Compatible with the most recent, stable version.

Windows Server 2012 R2 and higher

Windows 8.1 and higher

Compatible by default.

Windows Server 2008 R2 to 2012

Windows 7 and 8

Compatible by default if Internet Explorer 11 is installed. If Internet Explorer 8, 9, or 10 is installed, then TLS 1.1 and TLS 1.2 will need to get enabled by the user or an administrator for compatibility.

Windows Server 2008 and below

Not compatible with TLS 1.1 or higher encryption.

Windows Vista and below

Not compatible with TLS 1.1 or higher encryption.

Microsoft Secure Channel (Schannel)

Compatible with the most recent, stable version.

Windows Server 2012 R2 and higher

 

Compatible by default.

Windows 8.1 and higher

Compatible by default.

Windows Server 2012

Windows 8

TLS 1.1 and TLS 1.2 are disabled by default but are available if enabled by an application.

Windows Server 2008 R2

Windows 7

Compatible by default in client mode when Internet Explorer 11 is installed.

Windows Server 2008 and below

Not compatible with TLS 1.1 or higher encryption.

Windows Vista and below

Not compatible with TLS 1.1 or higher encryption.

OpenSSL

Compatible with the most recent, stable version, regardless of operating system.

OpenSSL 1.0.1 and higher

Compatible by default.

OpenSSL 1.0.0 and below

Not compatible with TLS 1.1 or higher encryption.

Mozilla NSS

Compatible with the most recent, stable version, regardless of operating system.

3.15.1 and higher

Compatible by default.

3.14 to 3.15

Compatible with TLS 1.1, but not with TLS 1.2.

3.13.6 and below

Not compatible with TLS 1.1 or higher encryption.

 

  • Was this article helpful?