At CloudBilling we continuously keep improving our security practices to protect your data. As part of these improvements we will discontinue support for TLS v1.0 and v1.1 on October 15th, 2018.

 

Please share this message with the technical responsible in your organization. Most of our customers don’t use these outdated versions of the protocol anymore, but as all connection attempts relying on TLS v1.0 and v1.1 will fail after October 15th it is important that you check the situation in your organization. This applies to your production environment as well as any environments being in development.

 

For who is this message?

This message is for all our customers who are still using TLS v1.0 or v1.1.

 

What is the change?

From October 15th, 2018 connections to the CloudBilling Management Portal and API will start to require TLS v1.2. On that date we will begin disabling the TLS v1.0 and v1.1 protocol.

 

Why are we doing this?

Both versions TLS v1.0 and v1.1 are outdated and pose a security risk due to downgrade attacks. For DigiCert similar reasons apply. They have written a nice blogpost on this subject. 

 

How will you be impacted?

After CloudBilling disables TLS v1.0 and v1.1, all connections will require TLS v1.2. Any connection attempts relying on TLS v1.0 and v1.1 will fail.

 

What do you need to do?

Verify that the software that you use supports TLS v1.2 and that it is enabled. When using PowerShell you could add the following code to your script to enable TLSv1.2:

 

if ([Net.ServicePointManager]::SecurityProtocol -notcontains 'Tls12') {

    [Net.ServicePointManager]::SecurityProtocol += [Net.SecurityProtocolType]::Tls12

}

 

We have setup temporary endpoints to verify your integrations and browser setups. You can find the application at https://app-tls12.cloudbilling.nl and the API at https://api-tls12.cloudbilling.nl/[version].svc. These point to the same production environment, so you can use your existing credentials. Be aware that these are endpoints are temporary and intended only for verifying your implementation against TLS v1.2.

We will take these endpoints offline after the normal endpoints have migrated over to TLS v1.2.


If you have any questions or concerns, please contact us at support@cloudbilling.nl.