Transport Layer Security (TLS) is a cryptographic protocol designed to allow computers to transmit data over the internet securely. Due to several weaknesses discovered in TLS 1.0 and 1.1, many internet services like Totango are beginning to refuse events sent to our API that do not use TLS 1.2 or later. This is an industry-wide best practice intended to ensure that your customer data is always safe and secure.
How does this impact you?
The impact to Totango customers will be minimal: after looking at the data, only a fraction of a percent of events being sent to Totango are coming from older browsers and operating systems that only support TLS 1.1 and earlier. You will only encounter issues if one of the following scenarios applies to you:
- If you are sending data to the HTTP API through some other method: Packages sent to the HTTP API by a system that does not support TLS 1.2 or later will be rejected. For example, if you have a batch process that sends data to Totango once per day, those packages will be rejected by our API and the data will not be reflected in your Totango instance.
What can you do prevent interruptions in your data pipeline?
Ensure that you update clients and operating systems that do not support TLS 1.2. This typically involves upgrading the operating system and packages on your server. Additionally, you may want to consider asking your customers to upgrade their browsers and operating systems to ensure TLS 1.2 compatibility.
What browsers and operating systems support TLS 1.2?
These commonly used browsers support TLS 1.2:
- Google Chrome version 30+
- Mozilla Firefox version 24+ (note: Firefox 24 and 25 have TLS 1.2 disabled by default)
- Internet Explorer version 8+ (note: IE 8, 9, and 10 all have TLS 1.2 disabled by default and must have the correct service packs installed to be supported)
- Safari version 7+
These commonly used operating systems support TLS 1.2:
- Windows 7+
- OSX 10.10+
- Android 4.1+
- iOS 9.0+
- Chrome OS
For more detailed documentation on which technologies support TLS 1.2 refer to this article.