Solved: Enabling TLS1.2

sushmaramachand · 05-31-2018 10:51 AM

Please could you let me know how to enable TLSv1.2 for the user agents that are still using older TLS Versions - TLSv1 for a list of Virtual Hosts

User Agents: RestSharp/105.2.3.0

I have received an email from apigee stating below -

You are receiving this message because you are an Organization Administrator** for the following Apigee Org(s): ********. Our data shows that the user agents listed below (first 50 characters of user-agent string, limited to 100 strings) are still using older TLS Versions (see below) for the corresponding Virtual Hosts (see below). These calls will start failing after June 18th 2018 as those old TLS protocols will no longer be supported.

dchiesa1

Hi

Please could you let me know how to enable TLSv1.2 for the user agents that are still using older TLS Versions

Hmm, I think what's necessary is to get your clients to upgrade. The notice you got is telling you that TLS prior to v1.1 will no longer be supported.

With TLS, the client gets to choose whether to use TLS1.1 or TLS1.2. You need to specify that in the client code.

For example,

if the client is in Windows Powershell, you need to do this:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

( reference)

If your client uses Java, then you can specify options on the JVM command line. ( reference).
For other clients, you'll need to do whatever is appropriate for the platform.

Your client appears to be RestSharp. For that, there is apparently an outstanding ticket. The solution suggested there is to include this code in your C# program, during initialization:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

This is the C# analogue to the Powershell statement above.

View solution in original post

dchiesa1

Hi

Please could you let me know how to enable TLSv1.2 for the user agents that are still using older TLS Versions

Hmm, I think what's necessary is to get your clients to upgrade. The notice you got is telling you that TLS prior to v1.1 will no longer be supported.

With TLS, the client gets to choose whether to use TLS1.1 or TLS1.2. You need to specify that in the client code.

For example,

if the client is in Windows Powershell, you need to do this:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

( reference)

If your client uses Java, then you can specify options on the JVM command line. ( reference).
For other clients, you'll need to do whatever is appropriate for the platform.

Your client appears to be RestSharp. For that, there is apparently an outstanding ticket. The solution suggested there is to include this code in your C# program, during initialization:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

This is the C# analogue to the Powershell statement above.

sushmaramachand

Thanks @Dino-at-Google for clarifying!!

jineshnarenthak

Thank you for sharing the details.

I have received a similar email. Our client is mobile app. Can you please let me know how to enable TLS1.2 on mobile app?

We are using Apigee Public Cloud Platform. Is there any change/action required on Apigee side?

sushmaramachand

@Jinesh Thakkar - If you are on public cloud, by default TLS 1.2 is enabled so there is no need to mention it explicitly in the Target Endpoint configuration .

Please refer this link for info - https://community.apigee.com/answers/56998/view.html