Transport Layer Security (TLS) is a cryptographic protocol designed to allow computers to transmit data over the internet securely. Due to several weaknesses discovered in TLS 1.0 and 1.1, Totango supports TLS 1.2 or later. This is an industry-wide best practice intended to ensure that your customer data is always safe and secure.
How does this impact you?
You may only encounter issues if one of the following scenarios applies to you:
- If you are sending data to the HTTP API through some other method: Packages sent to the HTTP API by a system that does not support TLS 1.2 or later will be rejected. For example, if you have a batch process that sends data to Totango once per day, those packages will be rejected by our API and the data will not be reflected in your Totango instance.
How to prevent interruptions
Ensure that you update clients and operating systems that do not support TLS 1.2. This typically involves upgrading the operating system and packages on your server. Additionally, you may want to consider asking your customers to upgrade their browsers and operating systems to ensure TLS 1.2 compatibility.
Common browsers and operating systems
These commonly used browsers support TLS 1.2:
- Google Chrome version 30+
- Mozilla Firefox version 24+ (note: Firefox 24 and 25 have TLS 1.2 disabled by default)
- Internet Explorer version 8+ (note: IE 8, 9, and 10 all have TLS 1.2 disabled by default and must have the correct service packs installed to be supported)
- Safari version 7+
These commonly used operating systems support TLS 1.2:
- Windows 7+
- OSX 10.10+
- Android 4.1+
- iOS 9.0+
- Chrome OS
For more detailed documentation on which technologies support TLS 1.2 refer to this article.