Please update your software to integrate your systems with Glance’s APIs to use TLSv1.2. To protect your privacy and your customers’ privacy, Glance will discontinue the use of TLS1.0.
What is this about?
It is a technical detail about how Glance (and other web applications and web properties) keep your information–and your customers’ information–private and intact on the internet. It’s a detail, but it’s important.
Your software and our servers exchange encrypted information over the internet connection between them. Encryption uses a protocol standard known as Transport Layer Security (TLS), which has several versions. As of October 2018, the available versions are TLSv1.2, TLSv1.1, and TLSv1.0. (TLSv1.3 is starting to become available, and Glance will add support for it when it’s ready.) TLS provides both privacy and data integrity.
Glance already accepts TLSv1.2 and TLSv1.1 connections, and most customers already use TLSv1.2. TLSv1.0 is the oldest version of the standard, and it is less secure than newer versions. So, Glance is disabling it in favor of TLSv1.2 or TLSv1.1. We are doing this in an effort to maintain the highest security standards, promoting the safety of your data.
If your company integrates with Glance APIs using any software applications on servers, please ensure they use TLSv1.2. If your applications do not support up-to-date TLS, your integrations to our APIs will be disrupted when we discontinue TLSv1.0 support.
If you are not sure whether your company integrates with Glance APIs, please show this note to your department’s technical lead for your work with Glance.
Upgrading your integration software
Windows Server 2012 R2 and Windows 8.1 or higher use up-to-date TLS. If your integration software runs on such a machine, you need make no changes.
Windows Server 2008 R2 and Windows 7 or higher use up-to-date TLS if Internet Explorer 11 is installed. If your integration software runs on such a machine, ensure IE11 is installed.
Windows Server 2008 and below, and Windows Vista and below, cannot support up-to-date TLS. If your integration software runs on such a machine, you must upgrade the machine or migrate your software.
Microsoft dotNET Framework
If your integration uses Microsoft’s dotNET Framework, the easiest way to update your software is to upgrade it to use Framework version 4.6 or higher.
If you must continuing using Framework version 4.5, you can also enable up-to-date TLS by setting certain registry keys on Windows operating system machines. Apply these registry changes.
Windows Registry Editor Version 5.00
If your integration uses Java, please update to Version 8. If you can’t update to Version 8, please consult Java’s technical documentation for instructions on enabling up-to-date TLS.
You must upgrade your Python installation to version 2.7.9 or later to enable up-to-date TLS.
Version 1.0.0 of OpenSSL is required on the machine hosting your integration software to enable up-to-date TLS.
If you run PERL on Windows, see the section above called “Windows (WinInet).”
If you run it on Linux or a BSD variant, see the section above called “OpenSSL.”