TLS Support

Why are we only supporting TLS 1.2 and above?

The PCI Security Council sets the rules on which technologies are acceptable for use in transmitting cardholder data. They have explicitly identified TLS 1.0 as no longer being a strong form of encryption because it is vulnerable to many known attacks.

Almost every website has stopped supporting TLS 1.0 and 1.1, this is done to help safeguard your information.

Are you affected?

If you don't use our API's then it's un-likely you will be affected unless you're using a really old browser and or operating system. To check to see if your computer/browser supports TLS 1.2 or higher please visit this link: https://www.ssllabs.com/ssltest/viewMyClient.html

API Library support

If you have code that connects with the ZeroBounce API, you must ensure that it will continue to work after June 1, 2018. Each language and library is different, below are the more popular languages.

These languages will need significant changes/upgrades in order to work:

  • Java 6u45 / 7u45
  • .NET before 4.5 (does not support TLS 1.2)
  • .NET 4.5 (must have settings changed to explicitly enable TLS 1.2)
  • OpenSSL 0.9.8
  • Most dynamic languages such as Ruby, PHP, & Python rely on the underlying operating system’s OpenSSL version. You can check it by running OpenSSL version. 1.0.1 in the minimum required.
  • PHP 5.5.19 and up has support for TLS 1.2

You can test your connection with various tools and documentation found on the internet. Please keep in mind that we are not experts in every language or framework and so we aren’t able to test or fix your code for you.

Language specific instructions

  • .NET 4.6: TLS 1.2 is used automatically. No changes are necessary.
  • .NET 4.5: The SecurityProtocolType needs to be changed to Tls12 (using the SecurityProtocol Setter)
  • .NET 4.0: TLS 1.2 is supported, but there’s no named SecurityProtocolType enumeration. Use (SecurityProtocolType)3072.
  • .NET 3 and below: Must be upgraded to 4.5

Support for TLS System Default Versions included in the .NET

Browser Support

Most browsers have supported TLS 1.2 for several years.

The following browsers DO NOT support TLS 1.2 and will no longer work.

  • Google Chrome 29
  • Firefox 26
  • Internet Explorer 10
  • Safari 8
  • iOS 4
  • Android 4