Ensure your software is up to date: TLS v1.0 switch off 30th June 2018
Published by Peter Armstrong on June 28th, 2018
Saturday 30th June 2018 marks a significant change to how the Internet communicates. An old security protocol (TLS version 1.0) is being phased out, and this might cause issues for anyone hasn’t updated their computer’s operating system, web browser or email software in the last few years. This blog post explains what’s happening and what you should do if you encounter issues.
TLS (Transport Layer Security) is the secure communications protocol used by nearly all e-commerce website applications, web servers, web browsers and email applications. Your computer/tablet/phone will use TLS hundreds of times a day when you surf the web, read your emails or use mobile apps. Indeed, when you opened this blog post, your web browser connected to our website using the TLS protocol.
TLS is still widely known by the name of its predecessor SSL (Secure Socket Layer), despite the SSL protocol reaching end of life two decades ago. SSL 3.0 was superseded by TLS 1.0 in 1999, TLS 1.1 in 2006, TLS 1.2 in 2008, and TLS 1.3 in 2018. As new protocols are introduced, old protocols reach their end of life and for security reasons must no longer be utilised.
The PCI Council is responsible for determining when older protocols are phased out. They initially decided TLS 1.0 would reach end of life on 30 June 2016, later extending the date to 30 June 2018. Therefore, the final deadline is fast approaching where all web servers, web browsers, web software and email applications must discontinue TLS 1.0 support, or fall foul of important security updates. At Spiral Hosting our technicians are applying the appropriate updates across our web and email servers. We confirm all work will be completed by the deadline.
What To Look Out For
For around two years all new software has used TLS 1.2 instead of the old TLS 1.0. All major software vendors (Apple, Microsoft, Google etc.) have released updates to ensure their applications work with TLS 1.2, so we’re not anticipating any major issues.
However, we are advising all clients to be aware of the deadline. This is a good opportunity to ensure all your website software is up to date. Take some time to check your website software, plugins/modules, and email applications. Importantly, ensure any payment modules for example PayPal, SagePay, Realex are up to date – as that’s what could cause the biggest headache for your business. Vendors such as these will be disabling TLS 1.0 across their systems on 30th June 2018.
You, your web developer, or perhaps an IT person in your organisation, will be responsible for updating your website software and any plugins/modules.
If you find any issues utilising or connecting to any piece of software on/after 30th June, in the first instance please contact the relevant software developer for the application/plugin/module, as it’s likely they’ll have released an update or patch.
Importantly, TLS will also be used on your computer, by your operating system, web browser, and email application. It’s equally important that you keep those systems up to date.
Advice for Windows users – Windows XP and earlier operating systems (that are no longer supported by Microsoft) do not include any support for TLS 1.2; the only option is to Upgrade to a New Operating System.
Windows 7 can support TLS 1.2, but you must Install Service Pack 1 and you must Install Registry Keys (download the zip file and import the registry keys). We strongly recommend discussing that with the IT person in your organisation (or a local computer repair shop).
Windows 8 and later have TLS 1.2 support as a default feature, so you shouldn’t need to do anything.
Old email applications (particularly MS Outlook or Exchange), should have been upgraded or patched some time ago and we strongly recommend discussing this with your IT person immediately.
Advice for Mac users – OS X El Capitan (released in 2015) and earlier OS X versions do not support TLS 1.2, but Sierra (released in 2016), High Sierra (2017) and Mojave (2018) all support TLS 1.2. The good news is OS X updates are completely free; there’s no excuse not to update!
Advice for old iPhone/iPad users – Apple have released updates for iOS 5 onwards to make devices compatible with TLS 1.2, so providing your device has the latest iOS release available, apps and websites should work normally. However, in multiple cases we’ve found the native mail app does not support TLS 1.2 despite the device running the latest updates. The solution in those cases has been to use the Gmail or Outlook mail app. You can setup your regular email address on those mail apps.
If you are encountering issues with your email software, don’t forget you can access webmail by going to www.<yourdomainname>.com/webmail – you’ll need your full email address and password to login. We offer a choice of 3 webmail applications – Horde, RoundCube and SquirrelMail. You can access webmail from anywhere until your IT person has updated your operating system and/or email software.
If you’re still facing problems please don’t hesitate to Open a Support Ticket and our team will advise you further. Please include your operating system (the specific version) and your email software (the specific version) so we can provide the most relevant information.