TLS 1.0 end-of-life on June 30th, 2018

Saturday 30th June 2018 marked a significant change to how the Internet communicates. An old security protocol (TLS version 1.0) was phased out, and this might cause issues for anyone who hasn’t updated their computer’s operating system, web browser or email software in the last few years. This blog post explains what’s happening and what you should do if you encounter issues.

Background Information
TLS (Transport Layer Security) is the secure communications protocol used by nearly all e-commerce website applications, web servers, web browsers and email applications. Your computer/tablet/phone will use TLS hundreds of times a day when you surf the web, read your emails or use mobile apps. Indeed, when you opened this blog post, your web browser connected to our website using the TLS protocol.

TLS is still widely known by the name of its predecessor SSL (Secure Socket Layer), despite the SSL protocol reaching end of life two decades ago. SSL 3.0 was superseded by TLS 1.0 in 1999, TLS 1.1 in 2006, TLS 1.2 in 2008, and TLS 1.3 in 2018. As new protocols are introduced, old protocols reach their end of life and for security reasons must no longer be utilised.

The Deadline
The PCI Council is responsible for determining when older protocols are phased out. They initially decided TLS 1.0 would reach end of life on 30 June 2016, later extending the date to 30 June 2018. The final deadline has past and all web servers, web browsers, web software and email applications have had to discontinue TLS 1.0 support, or fall foul of important security updates. At Just Simple Web our technicians have applied the appropriate updates across our web and email servers.

What To Look Out For
For around two years all new software has used TLS 1.2 instead of the old TLS 1.0. All major software vendors (Apple, Microsoft, Google etc.) have released updates to ensure their applications work with TLS 1.2, so we’re not anticipating any major issues.

You should ensure all your website software is up to date. Take some time to check your website software, plugins/modules, and email applications. Importantly, ensure any payment modules for example PayPal, SagePay, Realex are up to date – as that’s what could cause the biggest headache for your business. Vendors such as these disabled TLS 1.0 across their systems on 30th June 2018.

You, your web developer, or perhaps an IT person in your organisation, will be responsible for updating your website software and any plugins/modules.

If you now find any issues utilising or connecting to any piece of software, in the first instance please contact the relevant software developer for the application/plugin/module, as it’s likely they’ll have released an update or patch.

Importantly, TLS will also be used on your computer, by your operating system, web browser, and email application. It’s equally important that you keep those systems up to date.

Advice for Windows users – Windows XP and earlier operating systems (that are no longer supported by Microsoft) do not include any support for TLS 1.2; the only option is to Upgrade to a New Operating System. Windows 7 can support TLS 1.2, but you must Install SP1 and you will need to Setup Registry Keys. We strongly recommend discussing that with your IT person in your organisation (or a local computer repair shop).
Windows 8 and later have TLS 1.2 support as a default feature, so you shouldn’t need to do anything.

Old email applications (particularly MS Outlook or Exchange), should have been upgraded or patched some time ago and we strongly recommend discussing this with your IT person immediately.

Advice for Mac users – OS X El Capitan (released in 2015) and earlier OS X versions do not support TLS 1.2, but Sierra (released in 2016), High Sierra (2017) and Mojave (2018) all support TLS 1.2. The good news is OS X updates are completely free; there’s no excuse not to update!

If you are encountering issues with your email software, don’t forget you can access webmail by going to www.<yourdomainname>.com/webmail – you’ll need your full email address and password to login. We offer a choice of 3 webmail applications – Horde, RoundCube and SquirrelMail. You can access webmail from anywhere until your IT person has updated your operating system and/or email software.

If you’re still facing problems please don’t hesitate to Open a Support Ticket and our team will advise you further. Please include your operating system (the specific version) and your email software (the specific version) so we can provide the most relevant information.