End of life schedule for TLS v1.0 and TLS v1.1
Transport Layer Security (TLS) is a protocol for encryption and data integrity. Ensuring an updated TLS is crucial to ensure safer transactions. Billplz currently supports TLS v1.0, v1.1 and v1.2.
Billplz’s top priority is to provide our members with a trusted payment platform. Hence, today we begin migration off the older, less secure TLS v 1.0 and v1.1. We plan to completely block TLS v1.0 and TLS v1.1 to further allow incoming connections next year after 31 July 2021.
What do I need to do?
Please ensure that the TLS version used for communication between your server and the Billplz API is TLS v1.2.
Subsequent to this notice, please do the necessary changes by 31 July 2021 to avoid communication failure between your server and the Billplz API.
To get started, use the following notes to verify TLS v1.2 in Ruby, PHP, and Curl environment.
- Ruby 2.0.0 or later and OpenSSL 1.0.1c or later are required.
To verify your Ruby and TLS versions
- in a shell on production system, run:
$ ruby -r'net/http' -e 'puts Net::HTTP.get(URI(" https://tlstest.billplz.com/"))'
- PHP uses the system-supplied cURL library, which requires OpenSSL 1.0.1c or later.
- You might need to update your SSL/TLS libraries
Find OpenSSL in these locations:
- OpenSSL installed in your operating system's Openssl version.
- OpenSSL extension installed in your PHP. Find this in your php.ini.
- OpenSSL used by PHP_CURL.curl_version().
To verify your PHP and TLS versions
- Download TlsCheck.php
- In a shell on product system, run:
php -f TlsCheck.php
To verify TLS versions with curl
- In shell on production system, run:
$ curl https://tlstest.billplz.com
To verify different TLS versions with curl