To continue delivering secure services to our customers, and in compliance with industry governance and standards, we are officially withdrawing all support for Transport Layer Security (TLS) version 1.0.
NOTE: TLS v1.0 has now been disabled across all xMatters On-Demand services.
When is this happening?
This change to our services includes the following end-of-life schedules:
- After July 31, 2017, xMatters On-Demand will not accept connections from versions of the Integration Agent prior to version 5.1.8.
- After July 31, 2017, xMatters On-Demand will not accept EPIC client connections for EPIC clients prior to version 5.5.124.
- After July 31, 2017, xMatters will no longer support any connection or deployment using TLS v1.0.
Due to security concerns with older versions of the TLS protocol, we strongly recommend that all customers immediately update their installed Integration Agents to version 5.1.8. and their EPIC Clients to version 5.5.124.
What does this mean?
xMatters On-Demand will disable support for TLS 1.0 connections on July 31, 2017. xMatters On-Demand customers MUST update to the most recent versions of the Integration Agent (version 5.1.8) and the EPIC Client (version 5.5.124), which support the use of TLS 1.1 or greater.
Furthermore, as of July 31, 2017, xMatters Customer Support will no longer offer support for versions of the Integration Agent prior to version 5.1.8.
To help ensure secure connections for your data, we recommend that you upgrade to the latest versions as soon as possible.
Why is this happening?
Due to recognized security issues with the TLS v1.0 protocol, industry and security professionals have recommended discontinuing the use of TLS v1.0, and upgrading all communications to a minimum of TLS v1.1.
The Integration Agent version 5.1.8, Java 8 (1.8), and the xMatters EPIC Client version 5.5.124 offer the required support for TLS v1.1 or greater, and will be the minimum required versions after July 31, 2017.
What other products are affected?
Integration Agent support
For more information about the Integration Agent changes and how they will affect support for previous versions, refer to the End-of-Life Notice For Non-Current Versions of the Integration Agent.
Java
A minimum of Java 8 (1.8) will be required for all xMatters connections after July 31, 2017.
Browsers
The following browsers may not be able to connect to xMatters On-Demand after July 31, 2017:
- Internet Explorer versions 8, 9, and 10 (desktop): These browsers offer support for TLS v1.1., but not by default, and only when running Windows 7 or newer. For information about configuring Internet Explorer for TLS v1.1, consult the Microsoft documentation.
- Internet Explorer 7 and lower (desktop) and Internet Explorer versions 10 and lower (mobile): Not compatible with TLS v1.1 and higher.
- Firefox versions 22 to 26: These versions offer support for TLS v1.1, but not by default. Consult your Firefox documentation for configuration instructions.
- Firefox versions 22 and lower: Not compatible with TLS v1.1.
- Android 4.4 to 4.4.4: May not be compatible on some devices; version upgrade (to 5.0) recommended.
- Android 4.1 and lower: Not compatible with TLS v1.1.
- Safari versions 6 and lower (desktop), OS X version 10.8 and below (desktop), Safari for iOS 4 and lower (mobile): Not compatible with TLS v1.1 or higher.
Other libraries
Any custom integrations or interfaces (such as those using the REST API) should be checked for Java 8 (1.8) and TLS v1.1 compatibility. These connections will be refused if they do not meet the requirements listed here. As known conflicts are discovered or identified, they will be added to the following list:
Curl
If you are running Redhat or a related product, you must have Curl version 7.19.7 patch level 43 (curl-7.197-43.el6.x86_64) or higher to support TLS 1.1/1.2.
SOAP
Some SOAP clients (such as SOAPUI) may require updating to ensure they are using Java 1.8, and are TLS 1.1/1.2 compatible. Refer to the documentation or support for your utility.
How do I upgrade?
The current version of the Integration Agent (5.1.8) is available for download on multiple platforms and provides backward compatibility with integrations created for previous versions of the agent. We recommend that you upgrade to this latest version as soon as possible.
The current version of the EPIC Client is available for download from the xMatters Support site. We recommend working with xMatters Client Assistance to upgrade to this version as soon as possible.
How do I find more information?
For more information about why this change is required, technical assistance, or if you are having issues making any necessary upgrades, contact xMatters Client Assistance via the xMatters Support site.
Comments
3 commentsArticle is closed for comments.
We originally planned to implement the end-of-life for TLS 1.0 on March 31, 2017. Based on feedback received from our customers, we decided to delay these changes until July 31, 2017. This article has been updated to reflect the new timeline.
Just a reminder that the following policy will be taking effect as of next week:
xMatters On-Demand will disable support for TLS 1.0 connections on July 31, 2017. xMatters On-Demand customers MUST update to the most recent versions of the Integration Agent (version 5.1.8) and the EPIC Client (version 5.5.124), which support the use of TLS 1.1 or greater.
TLS v1.0 has now been disabled across all xMatters On-Demand services.