2Checkout supports only TLS1.1 and TLS1.2

HostLeet · Post #1 (**permalink**) 05-26-2017, 05:24 PM

Got this email from 2CO today. Most people probably won't have to worry about this, but I know there are still some using SSL 3.0 on their servers. If you are one of those people, now is a good time to stop and switch over to the new PCI standard (TLS1.1 & TLS1.2).

Quote:

From protecting the identity of our Merchants to securing your customers' transactions, our focus here at 2Checkout is to process your payments securely and efficiently while adhering to the latest changes and updates within the payments industry.

The Payment Card Industry (PCI) Security Standards Council (SSC) has released its latest data security standard (DSS) 3.1, which mandates all businesses move away from Secure Sockets Layer (SSL) web encryption because it's no longer considered strong enough. Therefore, starting June 1, 2017, 2Checkout will no longer support SSL 3.0 and TLS 1.0. This means that all API requests, Vendor Admin sessions and standard checkout processes will need to use TLS 1.1 or TLS 1.2.

As a Merchant, please check to ensure your connectivity will not be affected – you may need to make updates to your servers, programming language and even the browser you are using immediately.

Blog post: https://www.2checkout.com/blog/artic...er-june-1-2017

Sevencomet · Post #2 (**permalink**) 05-27-2017, 08:53 AM

This should have been long time coming as with so much different changes in technology, I was wondering when some of these cc processor will make the switch. Wouldn't it have been better if they inform us at least a few months in advance. It seems that 3 days notice is a bit too soon, especially for multiple servers configuration, but go figure the price we pay for security.

whmcsguru · Post #3 (**permalink**) 06-05-2017, 05:16 AM

What, they still accept 1.1? Bad, bad, bad 2co.
Should be 1.2 only

This is an industry standard at this point, over the next few months you'll see every processor doing this. We've known it was coming for, what, a year now?

HostLeet · Post #4 (**permalink**) 06-05-2017, 10:03 AM

Quote:

Originally Posted by whmcsguru

What, they still accept 1.1? Bad, bad, bad 2co.
Should be 1.2 only

This is an industry standard at this point, over the next few months you'll see every processor doing this. We've known it was coming for, what, a year now?

TLS 1.2 is preferred, however, TLS 1.1 is acceptable by the new DSS 3.1 standards if configured properly, hence why TLS 1.1 and TLS 1.2 are both supported.