Are You Ready for TLS? Here’s How to Tell

Search Options
Blog Search
Sign up for our monthly marketing trends enewsletter
  • 8/14/2018

    TLS, or Transport Layer Security, is the protocol used for a number of different tasks, such as simple web browsing, automated e-commerce data calls between two servers, email or even screen sharing sessions. The TLS protocol even allows machines to detect data interception, tampering or forgery.

    At thunder::tech, our support team has had the opportunity to maintain a number of different e-commerce websites requiring TLS 1.2 and has answers to some common questions we’ve gotten regarding TLS 1.2.

    How is TLS 1.2 implemented, and who does this affect?

    OK, this is where it starts to get a little technical. But here is a simple(ish) breakdown of how it all works:

    • First, there is a handshake and cipher suite negotiation that takes place between two servers.
    • Then, there is authentication of all involved parties.
    • Next, key-related information is then exchanged between all involved parties.
    • Once the above items have taken place and all is approved, the exchange of application data is allowed.

    At thunder::tech, we aren’t developing the handshake and the cipher suite negotiation or anything like that—that’s all been taken care of by developers that make the internet run in general. What we do strive to ensure is that our client’s third-party services connected to their websites communicate clearly with each other. Since the introduction and implementation of TLS 1.2 on July 30, 2018, many of the day-to-day services we use have required this upgrade, including companies like FedEx, UPS Inc., PayPal, Virtual Merchant and other credit card gateway services.

    Most newer sites and environments are already configured to use TLS 1.2, such as Windows server 2012 and above, sites developed using .Net framework 4.6 and above and JDK/JRE 7 Server and above. For those with older sites and server configurations, this will need to be programmatically turned on.

    But wait! The TLS 1.2 protocol is similar to that of an SSL. I already have an SSL certificate. Am I covered?

    Unfortunately, no. First and foremost, certificates are not the same as protocols, but they are used by the SSL/TLS protocol. On top of this, just because you have an SSL certificate doesn’t mean the credit card gateway you are using will simply let you submit data to its server because you purchased and configured an SSL. They will still require you to use TLS 1.2 protocol. The confusion here comes from the vendors and users purchasing SSL certificates for their sites, as SSL used to be the name of the protocol that everyone used.

    SSL and TLS are both cryptographic protocols. But the implementation and use of these two protocols are different. SSL protocol was originally developed by Netscape and was introduced to the world in 1995 as SSL version 2.0, the first SSL version was never actually released. By 1996 we had SSL version 3.0, and by 1999 users had TLS 1.0. Since then SSL protocol development has been dropped, and

    TLS has continued with TLS 1.3 being released to the public and officially approved for use March 21, 2018. Because the world has now moved onto TLS, there is no need to search or implement a TLS-specific certificate. Your SSL will still work for you.

    How will I know if my website is covered by TLS 1.2?

    July 30 has come and gone, and, at this point, you probably would have seen an outage in your e-commerce transaction service or any third-party calls your site makes, as companies should have implemented the transition before the deadline mandated by the Internet Engineering Task Force.

    But if you are experiencing an outage, experience one in the coming months or are unsure whether you are covered by TLS 1.2, send us an email at support@thundertech.com. There are checks we can run to ensure you are covered and that solutions for implementing TLS 1.2 protocol are setup correctly.

    About the author::Nate Ward is a Support Developer at thunder::tech, providing top-of-the-line care and assistance for all things IT related. He is also an avid home cook.
  • How to Herd Cats When Defining Your Brand
  • 989
  • Episode 84 - Trends Summer Reader 2018: Four-step Brand Management Plan
Sign up for our monthly marketing newsletters