Support for TLS

Transport Layer Security (TLS) is a cryptographic protocol designed to allow computers to transmit data over the internet securely. Due to several weaknesses discovered in TLS 1.0 and 1.1, Totango supports TLS 1.2 or later. This is an industry-wide best practice intended to ensure that your customer data is always safe and secure.

How does this impact you?

You may only encounter issues if one of the following scenarios applies to you:

If you are using Totango's Javascript integration: Usage data will not be accepted for events generated by anyone using an older browser or operating system that doesn't support TLS 1.2 or later. For example, if you are tracking logins using Totango's Javascript integration and one of your user's logs in to your product using Internet Explorer 7, the login event will not be tracked in Totango.
If you are sending data to the HTTP API through some other method: Packages sent to the HTTP API by a system that does not support TLS 1.2 or later will be rejected. For example, if you have a batch process that sends data to Totango once per day, those packages will be rejected by our API and the data will not be reflected in your Totango instance.

How to prevent interruptions

Ensure that you update clients and operating systems that do not support TLS 1.2. This typically involves upgrading the operating system and packages on your server. Additionally, you may want to consider asking your customers to upgrade their browsers and operating systems to ensure TLS 1.2 compatibility.

Common browsers and operating systems

These commonly used browsers support TLS 1.2:

Google Chrome version 30+
Mozilla Firefox version 24+ (note: Firefox 24 and 25 have TLS 1.2 disabled by default)
Internet Explorer version 8+ (note: IE 8, 9, and 10 all have TLS 1.2 disabled by default and must have the correct service packs installed to be supported)
Safari version 7+

These commonly used operating systems support TLS 1.2: