TLS 1.2 Upgrade Notice

  • 2
  • Announcement
  • Updated 1 month ago
  • (Edited)
Ensuring security of Replicon’s environment which hosts your instance is Replicon’s top priority. We believe that dependable service is integral to the important work you are doing. We are hence making changes to our support of Transport Layer Security or TLS. Below are the details:

What is TLS?
Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third-party may eavesdrop or tamper with any message. 

How do I know if I am affected?
Click here to check if your browser supports TLS 1.2

Who all in my organization are affected with this?
Anyone running older internet browser versions. If you are not keeping up with the latest browser updates, then you will be affected.

If you have a custom code/tool developed within your organization to connect to Replicon Web Services and perform automated tasks,then the framework (e.g. .NET) that is used to develop this integration needs to support TLS 1.2. In case an older framework is used to compile the existing code, then you will need to upgrade the build to support TLS 1.2. Please contact Replicon Support if you need further assistance on this.

What is Replicon doing as part of this upgrade?
Effective March 31, 2019 Replicon will only allow TLS 1.2 client connections to work and the others will be refused. Hence if your browsers are not TLS 1.2 enabled by March 31st, 2019, Replicon will not be accessible. This applies to custom integrations built on API calls as well.

Any browser version higher than the below listed versions will support TLS 1.2
Google Chrome 29
Firefox 26
Internet Explorer 10
Safari 8

Any mobile OS versions higher than the below listed versions will support TLS 1.2
iOS 4
Android 4

Feel free to reach out to Replicon for any further concerns and we will be glad to help.
Photo of Aashnee Kamboj

Aashnee Kamboj, Community Moderator

  • 1657 Posts
  • 114 Reply Likes

Posted 4 months ago

  • 2
Photo of Juliano, Chad

Juliano, Chad

  • 3 Posts
  • 0 Reply Likes
I got a notice before I login: "Replicon has detected that you are using a web browser that may not support the latest Internet security standard (TLS 1.2). To protect our customers, Replicon will be removing support for older security standards on April 15th 2019. Please upgrade your web browser for continued access to Replicon. Thank you for choosing Replicon."

I am not sure why I should be affected because I am using the latest version of Chrome. If Replion can't support the most popular browser then there will be a lot of problems.

Photo of Charlene Eriksen

Charlene Eriksen, Product Manager

  • 381 Posts
  • 39 Reply Likes
Hi Chad,

I wouldn't expect you to be impacted when using the latest version of Chrome. As explained in the original post, Chrome 29 and higher should be fine. Can you please go to this page from within Chrome: https://www.ssllabs.com/ssltest/viewMyClient.html? This will give you a report on whether your browser supports TLS 1.2. If everything looks as expected, please let us know which version of Chrome you are using and we can look into why you are seeing this message. The version can be found under Help > About Google Chrome.

Thanks,
Charlene
Photo of Juliano, Chad

Juliano, Chad

  • 3 Posts
  • 0 Reply Likes
The ssltest page indicates my browser is good. I think the message on replicon may be displayed incorrectly.
Photo of Mathieu Fenniak

Mathieu Fenniak, Innovation Engineer

  • 24 Posts
  • 5 Reply Likes
Hi Chad,

We're detecting TLS 1.2 support by checking whether a JS file can be loaded that is served from a TLS 1.2-only domain.  This mechanism worked fine with Chrome in all our internal testing, but this is the second report we've had from a customer having trouble with it in the field.

Is it possible that you have a browser plug-in that might be blocking that file from loading?  The other customer we worked with on this issue was using a Chrome plugin called Privacy Badger that blocked the detection mechanism on some networks.

If you're using the latest Chrome, you can definitely disregard this warning message, and my apologies for it appearing for you.  We will be removing this message in April as we complete our transition to TLS 1.2-only services.

Thanks!

Mathieu Fenniak
Photo of Juliano, Chad

Juliano, Chad

  • 3 Posts
  • 0 Reply Likes
The problem was caused by privacy badger. After I whitelisted replicon.com the message went away.

Thanks,
Chad.