My SellerDeck Account | Newsletter | Free Trial

Community and Knowledge Base

  #1  
Old 30-Oct-2015, 12:33 PM
G.W.Green G.W.Green is offline
Administrator
Join Date: Sep 2005
Full Name: G.W.Green
Posts: 480
Thanks: 0
Thanked 66 Times in 42 Posts
Retirement of TLS 1.0 and TLS 1.1

From July next year (2016) many systems are required to support TLS 1.2 and not support any earlier levels of TLS or SSL.

Over the next few months emails will be sent from payment service providers (PSPs) and from hosting companies regarding this.

The impact will affect several areas:-
  • Browsers viewing secure payment pages
  • Communications with PSPs
  • Authorisation call backs from PSPs

Browsers viewing secure payment pages
When a buyer views a payment page their browser will need to support TLS1.2 or they will not be able to complete the payment. All mainstream browsers have supported TLS1.2 for some time. IE11 supports TLS1.2 by default, but it can be enabled via 'Internet Options' in IE8 and later.

Note If the merchant's web site uses SSL and the merchant's hosting company removes support for all but TLS1.2, then the merchant's customers/buyers will also need a TLS1.2 enabled browser.

Communications with PSPs
Sometimes the merchant's server needs to make an SSL connection to another server. If the other server only accepts TLS1.2 then the merchant's server needs to be TLS1.2 enabled.

SellerDeck uses 'Crypt::SSLeay' and we have confirmed that version 0.57 and later versions support TLS1.2, but we cannot determine whether earlier versions support TLS1.2.

Authorisation call backs from PSPs
If the merchant's web site uses SSL for the checkout then the PSP authorisation callback will also use SSL. In this case there are two possible problems: -
  1. The first occurs if the PSP insists on TLS1.2 then the web server needs to support TLS1.2.
    Note: We are in the process of upgrading SellerDeck Hosting to support TLS1.2.

    You can check your site by starting checkout in FireFox, click the padlock and then click 'More Information' the resulting dialog should show TLS 1.2 against 'Connection Encrypted'. IE currently does not appear to provide this information.

  2. The second occurs if the merchant's server insists on TLS1.2. In this case the PSP call back will fail if the PSP does not support TLS1.2.
    If this occurs then you will need to check with your PSP when they will support TLS1.2 and the hosting company will need to re-enable the best protocol still accepted by the PSP.
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off



All times are GMT. The time now is 03:38 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.