End of life schedule for TLS v1.0 and TLS v1.1
Introduction
Transport Layer Security (TLS) is a protocol for encryption and data integrity. Ensuring an updated TLS is crucial to ensure safer transactions. Billplz currently supports TLS v1.0, v1.1 and v1.2.
Billplzās top priority is to provide our members with a trusted payment platform. Hence, today we begin migration off the older, less secure TLS v 1.0 and v1.1. We plan to completely block TLS v1.0 and TLS v1.1 to further allow incoming connections next year after 31 July 2021.
What do I need to do?
Please ensure that the TLS version used for communication between your server and the Billplz API is TLS v1.2.
Subsequent to this notice, please do the necessary changes by 31 July 2021 to avoid communication failure between your server and the Billplz API.
To get started, use the following notes to verify TLS v1.2 in Ruby, PHP, and Curl environment.
Ruby
Requirements
- Ruby 2.0.0 or later and OpenSSL 1.0.1c or later are required.
To verify your Ruby and TLS versions
- in a shell on production system, run:
$ ruby -r'net/http' -e 'puts Net::HTTP.get(URI(" https://tlstest.billplz.com/"))'
On success:
Success
PHP
Requirements
- PHP uses the system-supplied cURL library, which requires OpenSSL 1.0.1c or later.
- You might need to update your SSL/TLS libraries
Guidelines
Find OpenSSL in these locations:
- OpenSSL installed in your operating system's Openssl version.
- OpenSSL extension installed in your PHP. Find this in your php.ini.
- OpenSSL used by PHP_CURL.curl_version().
To verify your PHP and TLS versions
- Download TlsCheck.php
- In a shell on product system, run:
php -f TlsCheck.php
On success:
Success
Curl
Requirements
- Curl
To verify TLS versions with curl
- In shell on production system, run:
$ curl https://tlstest.billplz.com
On success:
Success
To verify different TLS versions with curl
- Test TLS v1.0:
$ curl -v --tls-max 1.0 --tlsv1.0 https://tlstest.billplz.com - Test TLS v1.1:
$ curl -v --tls-max 1.1 --tlsv1.1 https://tlstest.billplz.com - Test TLS v1.2:
$ curl -v --tls-max 1.2 --tlsv1.2 https://tlstest.billplz.com