TLS 1.2 Upgrade | CardPointe Support Center

Overview

Data security is the basis of every transaction that touches CardConnect. In an attempt to continue to offer a secure means of communication to our systems, CardConnect is upgrading its systems and applications to accept Transport Layer Security ( TLS ) 1.2 .

TLS 1.0/1.1 Deactivation Deadline Extended

In an campaign to provide extra time to our customers to ensure TLS 1.2 readiness, we have extended the timeline for accepting TLS 1.0 and TLS 1.1 communications until June 18th, 2018. After this date, we will no longer support communications made with the TLS 1.0 and TLS 1.1 protocols. Please ensure that you are prepare for this newly cut-off date by referring to the How the Upgrade Impacts You section below .

What is TLS?

The Transport Layer Security ( TLS ) protocol encrypts and authenticates the datum that is passed between communicating applications and their end users. For model, when you enter your login credentials on a web site, TLS prevents a third-party from stealing the information that is exchanged during the login work .

Why Upgrade?

The PCI ( Payment Card Industry ) Security Standards Council, which defines security system and safety rules for the payments industry, no longer considers TLS 1.0 and TLS 1.1 to be a plug imprint of encoding because it is vulnerable to respective types of attacks. As a result, all service providers and merchants who process or transmit credit calling card data must take the necessity measures to ensure that their systems and applications are upgraded to accept the TLS 1.2 protocol.

For extra information on TLS and and the risks that are present when using TLS versions 1.0 and 1.1, please refer to the PCI Security Standards Council ’ s Information Supplement on Migrating from SSL and Early TLS .

How is TLS Used at CardConnect?

When communications take space with CardConnect ‘s systems and applications, the TLS protocol works to encrypt and/or authenticate the trace types of information :

  • Cardholder Data
  • Communications from a merchant’s server to CardConnect’s APIs
  • Personally Identifiable Information (PII) of buyers
  • Application Login Data

TLS 1.0 and TLS 1.1 UAT Deactivation

We will be permanently deactivating support for TLS 1.0 and TLS 1.1 on March 15, 2018. Please ensure you have tested your systems for TLS 1.2 facility anterior to this date .

CardPointe and CoPilot Users

If you are a CardPointe and/or CoPilot user, it is important to ensure that your network browsers are up-to-date. Most browsers have supported TLS 1.2 for some time, but if you have n’t updated your browser to the latest interpretation, then you may be impacted by this upgrade .
Please refer to the Web Browser Support section of this page to verify whether your browser ( randomness ) is supported by TLS 1.2 .

Bolt and API/Gateway Users

Java Support

If you run one of the postdate versions of Java, it is significant that you take action before March 31st, 2018 to continue to communicate with CardConnect ‘s services .

Java Version Details
JDK/JRE 7 Client Yes, but support for TLS 1.2 must be enabled .
JDK/JRE 7 Server and above TLS 1.2 enabled by default.
JDK/JRE 6 and below No TLS 1.2 support .

OpenSSL Support

Your OpenSSL translation must be 1.0.1 or higher .

Common Server Platforms that Depend on OpenSSL

  • Linux
  • Mac OS X
  • Node.js
  • Ruby

ASP/.NET Support

TLS Support varies based on your Windows Kernel

  • Uses a crypto library called Microsoft Secure Channel (Schannel)

Oracle E-Business Suite Users

These security enhancements will require the deployment of a new CardConnect codebase in your Oracle EBS environment. CardConnect will contact you regarding the deployment of the new code equally well as the add functionality included in this let go of .
additionally, it is important that you apply the appropriate Oracle mend depending on the version of Oracle EBS that you are using, as indicated below :

Version Details
Oracle E-Business Suite 12.1 Oracle EBS Suite 12.1 users must install the following Oracle patch to ensure TLS 1.2 support. (Doc ID 376700.1)
Oracle E-Business Suite 12.2 Oracle EBS Suite 12.2 users must install the following Oracle patch to ensure TLS 1.2 support. (Doc ID 1367293.1)

SAP Users

Please refer to the postpone below for details based on your fool version :

SAP Version Details
SAP RFC ( TCP/IP ) SNC Enabled:

  • Ensure current SAPCryptolib 8.4.31.
  • Validate SAPCryptolib via SAP Transaction: SSF02

SNC Not Enabled:

  • No updates are required for your SAP system.
SAP RFC ( HTTP connection to External Server )
  • Ensure current SAPCryptolib 8.4.31.
  • Validate SAPCryptolib via SAP Transaction: SSF02.
  • Maintain the RZ10 Parameter:
    • Parameter:  ssl/client_ciphersuites
      • Value:  512:HIGH
    • Parameter: icm/HTTPS/client_sni_enabled  
      • Value: TRUE
    • Restart ICM for these new parameters to be active.
SAP PI
  • Ensure current Java Cryptolib – OSS Note: 2284059.
  • Please refer to the SAP PI blog for more information on upgrading to TLS 1.2.

Integrated Ingenico USB Device Users

If you use an integrated Ingenico USB Device, please mention to the details below to determine the necessary actions that are required to ensure a seamless transition to TLS 1.2. Note : The shape settings within your existing cs.ini file should be ported over to the newly cs.ini file that is included in the Desktop Tokenizer .zip file that you downloaded .

Download and Configure PANpadUp

To download the latest version of PANpadUp, click hera. The slide fastener file contains the following files :

File Name Details
ppu.exe The new version of the PanPadUp application.
ppu.ini The PanPad application configuration file.

For details on testing the newly application, refer to the section Testing a New Application. Note : The shape settings within your existing ppu.ini file should be ported over to the new ppu.ini file that is included in the PANpadUp .zip file that you downloaded .

DLL

refer to the table below to determine if action is required on your part based on your version of the .NET model .

.NET Framework Version Details
3.5.1
  • Download and install an update to the .NET 3.5.1 framework, which enables the framework to work with TLS 1.2.
  • Download the new PANpad DLL and refer to the README.txt file that is included in the .zip for more information.
4.0
  • Update to the .NET 4.5 framework.
  • Download the new PANpad DLL and refer to the README.txt file that is included in the .zip for more information.
4.5 +
  • Download the new PANpad DLL and refer to the README.txt file that is included in the .zip for more information.

Testing a New Application

Upon updating to the newfangled version of Desktop Tokenizer, PANpadUp, or DLL, we recommend a full regression test of the newfangled applications in your environment in order to ensure compatibility of all implemented changes for TLS 1.2 defend. This includes all compulsory tokenization scenarios in UAT ( User Acceptance Testing ) and Production .
support of TLS 1.2 is powerfully correlated to which .NET version is running within the Windows environment. Please coordinate with a network administrator to verify and confirm that the .NET version supports TLS 1.2. If running .NET 4.0, then an update to .NET 4.5 will be required .
If examination is executed with either the Desktop Tokenizer or PanPadUp while running a .NET version that does not support TLS 1.2, then the CardConnect application will prompt the drug user with the appropriate natural process before any test can proceed .

Enabling TLS 1.2 Support in Mozilla Firefox Browsers

If you are using Mozilla Firefox versions 24 through 26, follow the steps below to enable support for TLS 1.2 :

  1. Open Firefox.
  2. In the URL/address bar, type about:config and press Enter.
  3. In the Search field, enter tls. Locate and double-click the entry for security.tls.version.minfirefox enable tls 1
  4. Set the Integer Value to 3 to enable support for TLS 1.2.
  5. Click OK
  6. Close your browser and restart Mozilla Firefox.

Your browser is nowadays ready to support the TLS 1.2 protocol .

Enabling TLS 1.2 Support in Internet Explorer Browsers

If you are using Internet Explorer 8, 9, or 10, follow the steps below to enable patronize for TLS 1.2 :

  1. Open Internet Explorer and click Tools > Internet Options.
  2. Select the Advanced tab.
  3. Check the boxes next to TLS 1.1 and TLS 1.2 to enable support for these protocols. 
  4.  Uncheck the box next to SSL 3.0 to disable this setting. IE browser settings
  5. Click Apply and OK.
  6. Close your browser and restart Internet Explorer.

Your browser is now quick to support the TLS 1.2 protocol .

Microsoft Internet Explorer Mobile

If Your Internet Explorer Mobile Version is.. And You Are Running on this Operating System.. Then…
v7 – Windows Phone 7
– Window Phone 7.5
– Window Phone 7.8
Your web browser is not supported by TLS 1.2 and must be updated.
v9 – Windows Phone 7
– Window Phone 7.5
– Window Phone 7.8
Your web browser is not supported by TLS 1.2 and must be updated.
v10 Windows Phone 8 You must enable support for TLS 1.2 in your browser.
v11 Windows Phone 8.1 Your browser supports TLS 1.2.

Microsoft Edge

If Your Microsoft Edge Version is.. And You Are Running on this Operating System.. Then…
v12 Windows 10 v1507 Your browser supports TLS 1.2.
v13 Windows 10 v1511 Your browser supports TLS 1.2.
v14 Windows 10 v1607 Your browser supports TLS 1.2.
v15 Windows 10 v1703 Your browser supports TLS 1.2.
v16 Windows 10 v1709 Your browser supports TLS 1.2.

Opera

If Your Opera Version is.. And You Are Running on one of these Operating Systems.. Then…
v1 through v9 – Windows 7 and up
– Mac OS X 10.9 and up
– Linux
– Android 4.0 and up
Your web browser is not supported by TLS 1.2 and must be updated.
v10 through v12.17 – Windows 7 and up
– Mac OS X 10.9 and up
– Linux
– Android 4.0 and up
You must enable support for TLS 1.2 in your browser.
v12.18 – Windows 7 and up
– Mac OS X 10.9 and up
– Linux
– Android 4.0 and up
Your browser supports TLS 1.2.
v14 through v16 – Windows 7 and up
– Mac OS X 10.9 and up
– Linux
– Android 4.0 and up
Your web browser is not supported by TLS 1.2 and must be updated.
v17 through v45 – Windows 7 and up
– Mac OS X 10.9 and up
– Linux
– Android 4.0 and up
Your browser supports TLS 1.2.

Enabling TLS 1.2 Support in Opera Browsers

If you are using Opera versions 10 through 12.17, follow the steps below to enable support for TLS 1.2 :

  1. Open Opera.
  2. Click Ctrl plus F12.
  3. Scroll down to the Network section and click Change proxy settings…
  4. Select the Advanced tab.
  5. Scroll down to the Security section and check check the boxes next to Use TLS 1.1 and Use TLS 1.2.
  6. Click Ok.
  7. Close your browser and restart Opera.

Your browser is immediately ready to support the TLS 1.2 protocol .

Apple Safari

If Your Safari Version is.. And You Are Running on one of these Operating Systems.. Then…
v1 – Mac OS X 10.2 and up Your web browser is not supported by TLS 1.2 and must be updated.
v2 through v5 – Mac OS X 10.4, 10.5, 10.6, 10.7
– Windows XP
Your web browser is not supported by TLS 1.2 and must be updated.
v6 – MAC OS X 10.8 Your web browser is not supported by TLS 1.2 and must be updated.
v7 through v10 – Mac OS X 10.9, 10.10, 10.11, 10.12, 10.13
– iOS 1.0 and up
Your browser supports TLS 1.2.
v3 through v5 (iOS 3 and 4) – Mac OS X 10.2 and up
– iOS 1.0 and up
Your web browser is not supported by TLS 1.2 and must be updated.
v5 (iOS 5 and 6) through v10 – Mac OS X 10.2 and up
– iOS 1.0 and up
Your browser supports TLS 1.2.

Apple Safari Mobile

If Your Safari Mobile Version is.. And You Are Running on one of these Operating Systems.. Then…
v3 iOS 1
iOS 2
Your web browser is not supported by TLS 1.2 and must be updated.
v4 through v5 iOS
iOS 4
Your web browser is not supported by TLS 1.2 and must be updated.
v5 through v6 iOS 5
iOS 6
Your browser supports TLS 1.2.
v7 iOS 7 Your browser supports TLS 1.2.
v8 iOS 8 Your browser supports TLS 1.2.
v9 iOS 9 Your browser supports TLS 1.2.
v10 iOS 10 Your browser supports TLS 1.2.
v11 iOS 11 Your browser supports TLS 1.2.

Cryptographic Library Support

The following libraries do not support TLS 1.2 :

  • SChannel XP / 2003
  • SChannel Vista / 2008
  • SChannel 8 / 2012
  • Secure Transport OS X 10.2-10.8 / iOS 1-4

Configuring Windows SChannel Settings

If you are using a interpretation of Windows SChannel that is compatible with TLS 1.2 and are uncertain how to configure your client-side settings to ensure TLS submission, a 3rd-party joyride exists that can be used to help you enable or disable assorted system-wide options. For more information, pawl here. CardConnect is not affiliated with this seller. We are simply providing you with this information to far help you in achieving TLS 1.2 submission.

tls nartac schannel

Supporting Content

TLS 1.2: General Information Webinar

TLS 1.2: SAP Customer Webinar

TLS Webinar: Oracle Customer Webinar

source : https://thefartiste.com
Category : Tech

About admin

I am the owner of the website thefartiste.com, my purpose is to bring all the most useful information to users.

Check Also

articlewriting1

Manage participants in a zoom meeting webinar

Call the people who attend the meet as follows Alternate host host Who scheduled the …

Leave a Reply

Your email address will not be published.