Beginning on June 30th 2018, TLS 1.0/1.1 will no longer be an available protocol for browsers to access corporate sites such as; www, billing, control panels and status pages. Due to our billing system and server being PCI compliant, the PCI Security Council has set a deadline of June 30th to retire TLS/SSL protocols older than TLS 1.1. While we have not supported older protocols like SSL v2/v3 for nearly 5 years, TLS 1.0 was left enabled to provide support for older browsers. With the recent security issues found with TLS 1.0/1.1, we have decided that in addition to the PCI-mandated disabling of TLS 1.0, we will also be retiring TLS 1.1 support.
What browsers are affected?
- Internet Explorer v7 and below
- Internet Explorer v8, v9 and v10 when running on Windows XP or Windows Vista
- Firefox v22 and below
- Chrome v21 and below
- Android 4.3 (Jelly Bean) and below
- Safari v6 and below
- Safari for iOS 4 and below
Will I see an error notice or a warning page?
No, since the protocol is disabled, there is no way the server can return a response to the browser.
Fix for Windows 7 / 8
If you are running Windows 7 or Windows 8.0 you should download the Microsoft Easy fix at https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in (known as KB3140245) and install the update that will enable TLS 1.1/1.2. Customers running Windows 8.1 and higher are already enabled for TLS 1.1/1.2. Remember to take a backup before installing any updates that change the system’s configuration!
I am on Windows XP, what can I do!?!
Unfortunately, Windows XP is no longer a supported operating system by Microsoft and there is no support for TLS 1.1/1.2 (we are aware of some… “workarounds”, but we will not post those here). We recommend that if you are still running Windows XP that you look for options to upgrade to at least Windows 7 or if possible Windows 10.
More to come!
Many companies and websites like PayPal, eBay, NHTSA and Adobe have disabled protocols TLS < 1.2 with many more announcing these changes as well. This is quickly becoming the industry standard to support TLS 1.2 only.
Additional changes to ASPnix shared servers and services will be announced in the coming weeks regarding retiring TLS 1.0 for all shared systems. We highly recommend that any customers that are running an SSL-enabled websites notify their customers and user base regarding the above changes as a preemptive alert.
If you have any questions or concerns, please reach out to our support team and they will be happy to address any concerns you may have.