End of Life for (TLS Transport Layer Security) 1.0 and 1.1 Support
Google, Microsoft, Apple and Mozilla have all announced that their browsers will no longer support TLS 1.0 and 1.1 Due to this development, Trackforce will be moving all of its online services to TLS 1.2+ ensuring that services meet the highest security standards. All endpoints will be required to support TLS 1.2 after the transition in order to connect to Trackforce software applications. This initially meant that starting May 1, 2020 Trackforce would be beginning to discontinue support for TLS 1.0 and 1.1 in Guardtek Post and m-Post for any client devices, services and interfaces to be ready for the original June 1 deadline.
Due to the current COVID-19 pandemic, we will continue to support TLS 1.0 and 1.1 until the situation improves. We will notify you ahead of time when we decide to discontinue support for TLS 1.0 and 1.1. Meanwhile and to ensure a smooth transition, we encourage all our customers to upgrade to TLS 1.2+ at their earliest convenience.
What Does This Mean For Trackforce Clients?
Trackforce recommends that anyone with the following client versions download and install the latest version to ensure that devices can support TLS 1.2:
Clients known NOT to support TLS 1.2:
· Android 4.3 and earlier versions
· Firefox version 5.0 and earlier versions
· Internet Explorer 8-10 on Windows 7 and earlier versions
· Internet Explorer 10 on Windows Phone 8
· Safari 6.0.4/OS X10.8.4 and earlier versions
Contact Your IT Department Today to Ensure That Your Devices Can Support TLS 1.2
Frequently Asked Questions
Question: Why are you deprecating TLS 1.0 and 1.1?
Answer: TLS 1.0 and 1.1 are out-of-date protocols that do not support modern cryptographic algorithms, and they contain security vulnerabilities that may be exploited by attackers. The Internet Engineering Task Force is also planning to officially deprecate both protocols. In addition, the vast majority of encrypted Internet traffic is now over TLS 1.2, which was introduced over a decade ago.
Question: Will this affect my users that have up-to-date devices?
Answer: It should not, because we already support TLS 1.2 for our services. Your up-to-date browser is already using the TLS 1.2 standard for connection if available.
Question: What will happen if I do not update my devices by the deadline (Trackforce will communicate the deadline)?
Answer: Devices that are not able to negotiate a TLS 1.2 connection will be unable to access Guardtek Post. m-Post could also be affected to retrieve images and PDF files.
Question: If I update my endpoint to support TLS1.2, do I need to do anything further to access my Trackforce services?
Answer: No. The client will re-establish communications with Trackforce services leveraging the more secure TLS 1.2 protocol.
Question: How can I tell if my endpoints support TLS 1.2?
Answer: Your browser support will impact TLS compatibility with Trackforce services. In order to check if your compliant, you can do this:
- Browser test: https://www.ssllabs.com/ssltest/viewMyClient.html. Confirm that there is a “Yes” next to TLS 1.2 in the “Protocols” section
For Windows users, we also recommend that you disable support for SSL, TLS 1.0 and TLS v1.1 at the operating system level: https://support.microsoft.com/en-us/help/187498/how-to-disable-pct-1-0-ssl-2-0-ssl-3-0-or-tls-1-0-in-internet-informat.
You can also check the Internet Options from control Panel to see if TLS 1.2 is enabled: